blogs.oglobo.globo.com Open in urlscan Pro
186.192.81.15 Public Scan

URL: https://g1.globo.com/
Title: g1

URL: https://globoesporte.globo.com/
Title: ge

URL: https://gshow.globo.com/
Title: gshow

URL: https://globoplay.globo.com/
Title: globoplay

URL: https://www.techtudo.com.br/
Title: tecnologia

URL: http://www.globo.com/todos-os-sites.html
Title: todos os sites

URL: https://oglobo.globo.com/
Title: Logo O Globo

URL: https://ofertasglobo.oglobo.globo.com/garc/landing_oglobo/consumidor22/index.html?campanha=sim&interno_origem=siteoglobo&interno_midia=botao&interno_campanha=og_botao_topo_semcookie_cnsmdr
Title: Assinatura

URL: https://www.facebook.com/jornaloglobo
Title: Facebook

URL: https://twitter.com/jornaloglobo
Title: Twitter

URL: https://www.instagram.com/jornaloglobo
Title: Instagram

URL: https://login.globo.com/login/3981?url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
Title: Entrar

URL: https://oglobo.globo.com/politica/
Title: Política

URL: https://oglobo.globo.com/brasil/
Title: Brasil

URL: https://oglobo.globo.com/rio/
Title: Rio

URL: https://oglobo.globo.com/saude/
Title: Saúde

URL: https://oglobo.globo.com/mundo/
Title: Mundo

URL: https://oglobo.globo.com/economia/
Title: Economia

URL: https://oglobo.globo.com/cultura/
Title: Cultura

URL: https://oglobo.globo.com/esportes/
Title: Esportes

URL: https://oglobo.globo.com/boa-viagem/
Title: Viagem

URL: https://oglobo.globo.com/rio/bairros/
Title: Bairros

URL: https://oglobo.globo.com/blogs/
Title: Colunistas

URL: https://oglobo.globo.com/epoca/
Title: Época

URL: https://oglobo.globo.com/podcast/
Title: Podcast

URL: https://oglobo.globo.com/videos/
Title: Vídeos

URL: https://oglobo.globo.com/fotogalerias/
Title: Fotos

URL: https://oglobo.globo.com/infograficos/
Title: Infográficos

URL: https://oglobo.globo.com/economia/defesa-do-consumidor/
Title: Defesa do Consumidor

URL: https://oglobo.globo.com/ultimas-noticias
Title: Últimas Notícias

URL: https://oglobo.globo.com/principios-editoriais/
Title: Princípios Editoriais

URL: https://kogut.oglobo.globo.com/
Title: Logo Patrícia Kogut

URL: https://oglobo.globo.com/ela/
Title: Logo Ela

URL: https://oglobo.globo.com/rioshow/
Title: Logo Rio Show

URL: https://oglobo.globo.com/clubeoglobo/
Title: Logo Clube O Globo Sou Mais Rio

URL: https://meuoglobo.oglobo.globo.com/
Title: Logo Meu O Globo

URL: https://extra.globo.com/
Title: Logo Extra

URL: https://infoglobosites2.secure.force.com/assinante/
Title: Portal do Assinante

URL: https://acervo.oglobo.globo.com/
Title: Acervo

URL: https://oglobo.globo.com/um-so-planeta/
Title: Um Só Planeta

URL: https://jornaldigital.oglobo.globo.com/
Title: Edição Impressa

URL: https://oglobo.globo.com/newsletter/
Title: Newsletter

URL: https://oglobo.globo.com/economia/cnc-noticias/
Title: Comércio em pauta

URL: https://oglobo.globo.com/rio/tem-no-rio/
Title: Tem no Rio

URL: http://www.facebook.com/sharer/sharer.php?u=https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde

URL: https://twitter.com/intent/tweet?url=https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde

URL: https://plus.google.com/share?hl=en-US&url=https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde

URL: https://oglobo.globo.com/economia/russia-vira-oficialmente-paria-financeira-nota-de-credito-reduzida-em-seis-niveis-para-lixo-25416901
Title: virar pária do mercado financeiro internacional

URL: https://www.facebook.com/sharer/sharer.php?u=https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3DFacebook%26utm_medium%3DSocial%26utm_campaign%3Dcompartilhar

URL: https://twitter.com/intent/tweet?text=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria?%20O%20Ita%C3%BA%20fez%20a%20conta&url=https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3DTwitter%26utm_medium%3DSocial%26utm_campaign%3Dcompartilhar

URL: https://api.whatsapp.com/send?text=Blog%20Capital:%20Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria?%20O%20Ita%C3%BA%20fez%20a%20conta%20%20https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html

URL: https://totalbattle.com/de/lp/city9alike2_webgl_dark_po_2/3?crt=v3PRO0085zenBFGJWO&adgp=ads&prtr=taboola&acc=main&site=editoraglobo-oglobo&cpn=1385591&iid=3134564510&clickid=GiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCCakUMosLzN7PGP-vKyAQ#tblciGiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCCakUMosLzN7PGP-vKyAQ
Title: Total Battle: Online Strategie-Spiel

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=editoraglobo-oglobo&utm_medium=referral&utm_content=thumbs-feed-01:Below%20Article%20Thumbnails%20|%20Card%201:
Title: Patrocinado

URL: https://trc.taboola.com/editoraglobo-oglobo/log/3/click?pi=%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&ri=1cddcb709443831b44e6bfc12a3a9d2e&sd=v2_0bb8f937d67bdfaae9ca203d31450025_70186876-61be-4d3b-af0f-495852dd2d21-tuct9218c62_1646790370_1646790370_CNawjgYQlv9JGJDG6-L2LyABKAEwODib4wlAjooQSPat2QNQqOwQWABgAGjb_5X0ga2ul6YBcAA&ui=70186876-61be-4d3b-af0f-495852dd2d21-tuct9218c62&it=text&ii=~~V1~~7066242047193757088~~aqKD2k-zCgZlFJIqGj8lCQa5AfqFhUYA0FoL1nuDyq7TxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RKm-8JNJqDvLk2Ql_TFxcIpQ9pPqFQ_s-hud974vd59r1JT68Kla76zYU1DV3tD5owPZuCQS4tgqqnn8CSBZ4aNjxfAtsj75Zm6PzSBS4yNyd3WkhT22z-2tGiQiFNttdM&pt=text&li=rbox-t2v&sig=24fa7e7c85b61c7c1d07cc9e3392be429b91e0260e73&redir=https%3A%2F%2Ftotalbattle.com%2Fde%2Flp%2Fcity9alike2_webgl_dark_po_2%2F3%3Fcrt%3Dv3PRO0085zenBFGJWO%26adgp%3Dads%26prtr%3Dtaboola%26acc%3Dmain%26site%3Deditoraglobo-oglobo%26cpn%3D1385591%26iid%3D3134564510%26clickid%3DGiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCCakUMosLzN7PGP-vKyAQ%23tblciGiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCCakUMosLzN7PGP-vKyAQ&vi=1646790370064&p=scorewarrior-totalbattle-sc&r=83&lti=deflated&ppb=CLsH&cpb=EhIyMDIyMDMwOC02LVJFTEVBU0UYlpjV0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyMjk4gK6Cyg1Am-MJSI6KEFD2rdkDWKjsEGMI1xYQ1R8YI2RjCL4oELM2GCRkYwjq__________8BEOr__________wEYFmRjCNIDEOAGGAhkYwiWFBCYHBgYZGMItRQQwxwYCWRjCP0eELYqGAtkYwj0FBCeHRgfZGMIpCcQgzUYL2R4AYABAogB7eunxgGQARw&cta=true
Title: Jetzt spielen

URL: https://www.hausfrage.de/artikel/so-funktioniert-der-teilverkauf/?utm_source=taboola&utm_medium=referral&utm_campaign=16240845&utm_content=3176818210&utm_placement=editoraglobo-oglobo&TaboolaClickId=GiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCDU2lUo7OP4h-Wb5pSGAQ&tblci=GiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCDU2lUo7OP4h-Wb5pSGAQ#tblciGiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCDU2lUo7OP4h-Wb5pSGAQ
Title: Hausfrage.de

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=editoraglobo-oglobo&utm_medium=referral&utm_content=thumbs-feed-01-a:Below%20Article%20Thumbnails%20|%20Card%202:
Title: Patrocinado

URL: https://www.fisherinvestments.com/de-de/campaigns/10-fehler-im-ruhestand/1f/?PC=TABROMPEI5&CC=0AUUDNXX&utm_source=Taboola&utm_medium=Native&utm_campaign=RONTargetCPA_Desktop&utm_term=editoraglobo-oglobo&utm_content=10+Investitionsfehler%2C+die+man+mit+einer+Anlage+ab+250.000+%E2%82%AC+vermeiden+sollte.&taclid=GiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCDrk0EogpeQr8X00a5f&tblci=GiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCDrk0EogpeQr8X00a5f#tblciGiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCDrk0EogpeQr8X00a5f
Title: Grüner Fisher Investments

URL: https://www.fisherinvestments.com/de-de/campaigns/10-fehler-im-ruhestand/1f/?PC=TABROMPEI5&CC=0AUQDNXX&utm_source=Taboola&utm_medium=Native&utm_campaign=RONTargetCPA_Desktop&utm_term=editoraglobo-oglobo&utm_content=Was+ist+der+gr%C3%B6%C3%9Fte+Fehler%2C+denman+mit+einer+Anlage+ab+500.000+%E2%82%AC+vermeiden+sollte%3F&taclid=GiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCDrk0Eot9L68ceuprRU&tblci=GiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCDrk0Eot9L68ceuprRU#tblciGiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCDrk0Eot9L68ceuprRU
Title: Grüner Fisher Investments

URL: https://www.homeday.de/de/di/immobilienwert-jetzt-erfahren/?utm_campaign=0349_TB_RH_DT_GEHEIMTIPP_RECHNER_Calculator_202202_topcampaign&utm_source=taboola&utm_medium=display&utm_term=editoraglobo-oglobo&utm_content=3177251919&gclid=GiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCD6k0korai-4PSBxtyXAQ&taboolaclickid=GiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCD6k0korai-4PSBxtyXAQ&tblci=GiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCD6k0korai-4PSBxtyXAQ#tblciGiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCD6k0korai-4PSBxtyXAQ
Title: FAIRE PROVISION

URL: https://lp.bestattungsvorsorge-heute.de/native/widget.html?a_id=22475&ac_id=22475%7ESTERBE%7Ebestattungsvorsorge_desktop_220208&utm_source=taboola&utm_medium=referral&placement=1212310~editoraglobo-oglobo&utm_content=%C3%9Cber+57%3F+Geniale+Sterbegeldversicherung&tblclid=GiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCDi3kko59bE39C-qdenAQ&tblci=GiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCDi3kko59bE39C-qdenAQ#tblciGiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCDi3kko59bE39C-qdenAQ
Title: bestattungsvorsorge

URL: https://trc.taboola.com/editoraglobo-oglobo/log/3/click?pi=%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&ri=7f6520db1b4972da5b83e91c35b11ef6&sd=v2_0bb8f937d67bdfaae9ca203d31450025_70186876-61be-4d3b-af0f-495852dd2d21-tuct9218c62_1646790370_1646790370_CNawjgYQlv9JGJDG6-L2LyABKAEwODib4wlAjooQSPat2QNQqOwQWABgAGjb_5X0ga2ul6YBcAA&ui=70186876-61be-4d3b-af0f-495852dd2d21-tuct9218c62&it=text&ii=~~V1~~206120100115290520~~-ooPb31xQhm6MCr5wVZo5os1KxTN4XyjWuGHkByYwI7TxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQZ4a6mmx10IQsd2kfeJTLN1ez5hp1asUTqvRq5LaLE2Rz24sRn-ESC1FSbW_qSNR2MKQFvJu1g1VdfnnvlSWcL1IICvwbdDl5c_nvK-dRcYAjHuaA6lEDg6HyztkZq-U6E2Znx5m5ka9e6OQHfibk8gfLEpgowoMhhjl6-YNTBEc&pt=text&li=rbox-t2v&sig=8bc954cb2bfa890de588b67d3aa778733140ae7ac7ea&redir=https%3A%2F%2Flp.bestattungsvorsorge-heute.de%2Fnative%2Fwidget.html%3Fa_id%3D22475%26ac_id%3D22475%257ESTERBE%257Ebestattungsvorsorge_desktop_220208%26utm_source%3Dtaboola%26utm_medium%3Dreferral%26placement%3D1212310~editoraglobo-oglobo%26utm_content%3D%25C3%259Cber%2B57%253F%2BGeniale%2BSterbegeldversicherung%26tblclid%3DGiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCDi3kko59bE39C-qdenAQ%26tblci%3DGiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCDi3kko59bE39C-qdenAQ%23tblciGiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCDi3kko59bE39C-qdenAQ&vi=1646790370064&p=finanzende-funeral-sc&r=13&lti=deflated&ppb=CNMG&cpb=EhIyMDIyMDMwOC02LVJFTEVBU0UYlpjV0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIJd2F0ZXI0MjQ4OICugsoNQJvjCUiOihBQ9q3ZA1io7BBjCNcWENUfGCNkYwi-KBCzNhgkZGMI6v__________ARDq__________8BGBZkYwiWFBCYHBgYZGMI0gMQ4AYYCGRjCLUUEMMcGAlkYwj9HhC2KhgLZGMIpCcQgzUYL2RjCPQUEJ4dGB9keAGAAQKIAe3rp8YBkAEc&cta=true
Title: Angebot hier

URL: https://www.fisherinvestments.com/de-de/campaigns/anfrage-99-tipps/1c/?PC=TABROMPEI5&CC=0AUHDNXX&utm_source=Taboola&utm_medium=Native&utm_campaign=RONTargetCPA_Desktop&utm_term=editoraglobo-oglobo&utm_content=99+Tipps+f%C3%BCr+Anleger+mit+einem+Portfolio+ab+250.000+%E2%82%AC.&taclid=GiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCDrk0Eo-e_vy9yt2orjAQ&tblci=GiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCDrk0Eo-e_vy9yt2orjAQ#tblciGiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCDrk0Eo-e_vy9yt2orjAQ
Title: Grüner Fisher Investments

URL: https://oglobo.globo.com/economia/proposta-para-subsidiar-combustiveis-avanca-no-governo-mas-tema-ainda-segue-indefinido-25424161
Title: Proposta para subsidiar combustíveis avança no governo, mas tema ainda segue indefinido

URL: https://oglobo.globo.com/economia/eua-dizem-que-gasoduto-nord-stream-2-entre-alemanha-russia-esta-morto-1-25424328
Title: EUA dizem que gasoduto Nord Stream 2, entre Alemanha e Rússia, 'está morto'

URL: https://oglobo.globo.com/economia/russia-limita-saques-de-contas-em-moeda-estrangeira-us-10-mil-ate-setembro-1-25424290
Title: Rússia limita saques de contas em moeda estrangeira a US$ 10 mil até setembro

URL: https://oglobo.globo.com/economia/governadores-intensificam-acao-contra-projeto-que-altera-icms-de-combustiveis-25424207
Title: Governadores intensificam ação contra projeto que altera ICMS de combustíveis

URL: https://oglobo.globo.com/economia/tecnologia/servico-de-computacao-em-nuvem-do-google-tem-pane-global-1-25424201
Title: Serviço de computação em nuvem do Google tem pane global

URL: https://oglobo.globo.com/economia/producao-de-veiculos-no-pais-cresce-141-de-janeiro-para-fevereiro-mas-registra-queda-217-na-comparacao-anual-25424078
Title: Produção de veículos no país cresce 14,1% de janeiro para fevereiro, mas registra queda e 21,7% na comparação anual

URL: https://oglobo.globo.com/economia/negocios/russia-propoe-encampar-fabricas-de-multinacionais-que-interromperam-operacoes-no-pais-25424071
Title: Rússia propõe encampar fábricas de multinacionais que interromperam operações no país

URL: https://oglobo.globo.com/economia/tecnologia/usuarios-do-spotify-reagem-com-memes-apos-aplicativo-apresentar-instabilidade-1-25424016
Title: Usuários do Spotify reagem com memes após aplicativo apresentar instabilidade

URL: https://oglobo.globo.com/economia/tecnologia/spotify-apresenta-instabilidade-deixa-usuarios-sem-acesso-plataforma-1-25423999
Title: Spotify apresenta instabilidade e deixa usuários sem acesso à plataforma

URL: https://oglobo.globo.com/economia/mcdonalds-starbucks-coca-cola-decidem-deixar-russia-25423964
Title: McDonald's, Starbucks e Coca-Cola decidem deixar a Rússia

URL: https://popup.taboola.com/pt/?template=colorbox&utm_source=editoraglobo-oglobo&utm_medium=referral&utm_content=thumbnails-b:Below%20Page%20|%20Card%201:
Title: por Taboola

URL: https://totalbattle.com/de/lp/city9alike2_webgl_dark_po_2/3?crt=v3PRO0085zenBFGJWO&adgp=ads&prtr=taboola&acc=main&site=editoraglobo-oglobo&cpn=1385591&iid=3134564510&clickid=GiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCCakUMozprpxs-e1qs3#tblciGiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCCakUMozprpxs-e1qs3
Title: Total Battle: Online Strategie-Spiel

URL: https://trc.taboola.com/editoraglobo-oglobo/log/3/click?pi=%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&ri=c4d4bb9190c1363882c58a604a8c9154&sd=v2_0bb8f937d67bdfaae9ca203d31450025_70186876-61be-4d3b-af0f-495852dd2d21-tuct9218c62_1646790370_1646790370_CNawjgYQlv9JGJDG6-L2LyABKAEwODib4wlAjooQSPat2QNQqOwQWABgAGjb_5X0ga2ul6YBcAA&ui=70186876-61be-4d3b-af0f-495852dd2d21-tuct9218c62&it=text&ii=~~V1~~7066242047193757088~~Ys_iBgp533EvylIk0SeyBAa5AfqFhUYA0FoL1nuDyq7TxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RKRfnOpejdVpGfh9GkLwWLxOVwwiTTRmbeR9yJ-FWMtKVJT68Kla76zYU1DV3tD5owPZuCQS4tgqqnn8CSBZ4aNjxfAtsj75Zm6PzSBS4yNyd3WkhT22z-2tGiQiFNttdM&pt=text&li=rbox-t2v&sig=714421411126795e7e7651058cd1d3f6e93df53585a4&redir=https%3A%2F%2Ftotalbattle.com%2Fde%2Flp%2Fcity9alike2_webgl_dark_po_2%2F3%3Fcrt%3Dv3PRO0085zenBFGJWO%26adgp%3Dads%26prtr%3Dtaboola%26acc%3Dmain%26site%3Deditoraglobo-oglobo%26cpn%3D1385591%26iid%3D3134564510%26clickid%3DGiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCCakUMozprpxs-e1qs3%23tblciGiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCCakUMozprpxs-e1qs3&vi=1646790370064&p=scorewarrior-totalbattle-sc&r=33&lti=deflated&ppb=CEE&cpb=EhIyMDIyMDMwOC02LVJFTEVBU0UYlpjV0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyMjk4gK6Cyg1Am-MJSI6KEFD2rdkDWKjsEGMI1xYQ1R8YI2RjCL4oELM2GCRkYwjq__________8BEOr__________wEYFmRjCNIDEOAGGAhkYwiWFBCYHBgYZGMItRQQwxwYCWRjCP0eELYqGAtkYwj0FBCeHRgfZGMIpCcQgzUYL2R4AYABAogB7eunxgGQARw&cta=true
Title: Jetzt spielen

URL: https://www.autohero.com/de/?utm_source=DIS&utm_medium=Brand&utm_campaign=DIS_Taboola_Broad_Desktop_03&utm_term=0603&utm_content=13&tblci=GiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCDR5FEo_PrL96iyoZAK#tblciGiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCDR5FEo_PrL96iyoZAK
Title: Autohero

URL: https://trc.taboola.com/editoraglobo-oglobo/log/3/click?pi=%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&ri=c4d4bb9190c1363882c58a604a8c9154&sd=v2_0bb8f937d67bdfaae9ca203d31450025_70186876-61be-4d3b-af0f-495852dd2d21-tuct9218c62_1646790370_1646790370_CNawjgYQlv9JGJDG6-L2LyABKAEwODib4wlAjooQSPat2QNQqOwQWABgAGjb_5X0ga2ul6YBcAA&ui=70186876-61be-4d3b-af0f-495852dd2d21-tuct9218c62&it=text&ii=~~V1~~5121464769988440556~~GJV93sYIZqysBr4ausIU9MBDt6rSgwPZVJ85YWn1g_bTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RJ82Wrka8hatjkdBWgtAsTVOVwwiTTRmbeR9yJ-FWMtKWI3hjkwIKUS4EBOlk1kfy-IRSkLiOk7hBmrYCRu7OJhjxfAtsj75Zm6PzSBS4yNyd3WkhT22z-2tGiQiFNttdM&pt=text&li=rbox-t2v&sig=1341beaec828fc12512875c97491774b0e7936fa49ad&redir=https%3A%2F%2Fwww.autohero.com%2Fde%2F%3Futm_source%3DDIS%26utm_medium%3DBrand%26utm_campaign%3DDIS_Taboola_Broad_Desktop_03%26utm_term%3D0603%26utm_content%3D13%26tblci%3DGiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCDR5FEo_PrL96iyoZAK%23tblciGiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCDR5FEo_PrL96iyoZAK&vi=1646790370064&p=auto1-autohero-sc&r=68&lti=deflated&ppb=CEE&cpb=EhIyMDIyMDMwOC02LVJFTEVBU0UYlpjV0wYgnP__________ASoZYW0udGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjNDAyMjk4gK6Cyg1Am-MJSI6KEFD2rdkDWKjsEGMI1xYQ1R8YI2RjCL4oELM2GCRkYwjq__________8BEOr__________wEYFmRjCNIDEOAGGAhkYwiWFBCYHBgYZGMItRQQwxwYCWRjCP0eELYqGAtkYwj0FBCeHRgfZGMIpCcQgzUYL2R4AYABAogB7eunxgGQARw&cta=true
Title: Mehr erfahren

URL: https://www.immobilienscout24.de/lp/kostenlose-immobilienbewertung-v1/?utm_source=taboola&utm_medium=display&utm_campaign=de_rle_pros_leads_b_region_desk_15314614&utm_term=editoraglobo-oglobo_1212310&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fcee959a893af92e50bcf0b1f27bc9a12.jpg&tblci=GiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCDh50MoxP3ByvKgtJ7BAQ#tblciGiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCDh50MoxP3ByvKgtJ7BAQ
Title: ImmoScout24

URL: https://totalbattle.com/de/lp/city9alike2_webgl_dark_po_2/3?crt=noahs_ark&adgp=ads&prtr=taboola&acc=main&site=editoraglobo-oglobo&cpn=1385591&iid=2888867871&clickid=GiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCCakUMopb_E6_WEso7KAQ#tblciGiBC4BruhkErZZO8L2kqMqkE3gDbIEBCIbyc8N2S184kdCCakUMopb_E6_WEso7KAQ
Title: Total Battle: Online Strategie-Spiel

URL: https://privacidade.globo.com/privacy-policy/
Title: Política de Privacidade

URL: https://privacidade.globo.com/
Title: Portal da Privacidade

URL: http://www.gda.com/
Title: Logo GDA

URL: http://www.agenciaoglobo.com.br/
Title: Agência O Globo

URL: https://oglobo.globo.com/fale-conosco/
Title: Fale conosco

URL: https://oglobo.globo.com/expediente/
Title: Expediente

URL: https://www.publicidadeeditoraglobo.com.br/
Title: Anuncie conosco

URL: https://www.vagas.com.br/editoraglobo
Title: Trabalhe conosco

URL: https://www.globo.com/privacidade.html
Title: Política de privacidade

URL: https://oglobo.globo.com/termos-de-uso/
Title: Termos de uso

URL: https://ofertasglobo.oglobo.globo.com/garc/landing_oglobo/consumidor22/index.html?campanha=sim&interno_origem=siteoglobo&interno_midia=display&interno_campanha=og_footer_semcookie_cnsmdr

186-192-81-15.prt.globo.com

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.assinanteoglobo.com.br/?qs=fac62467e24810197e285ac66955826b772acffa56bff1bc3df1f66cb8ffe73ea79ca076725a225e4d64f6157e25e210c8532752167e83ab HTTP 302
https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 114

https://sb.scorecardresearch.com/c2/6035227/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 115

https://sb.scorecardresearch.com/p?c1=2&c2=6035227&ns__t=1646790367979&ns_c=UTF-8&c8=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&c7=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&c9= HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1646790367979&ns_c=UTF-8&c8=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&c7=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&c9=

Request Chain 162

https://usermatch.krxd.net/um/v2?partner=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3ROREE1ZV8 HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEDesqNGLycErD4aCkmMF3Iw&google_cver=1

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3ROREE1ZV8 HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEDesqNGLycErD4aCkmMF3Iw&google_cver=1

Request Chain 164

https://stags.bluekai.com/site/26357?id=OtNDA5e_&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOtNDA5e_%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
https://beacon.krxd.net/usermatch.gif?_kuid=OtNDA5e_&partner=bluekai&bk_uuid=$_BK_UUID

Request Chain 165

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://gum.criteo.com/sync?s=1&c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=PW9KC3IYM5oz_uj-0iTCrgJHsqfxoSD3

Request Chain 167

https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=OtNDA5e_&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=OtNDA5e_&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=12555411306036106841711287899037149146

Request Chain 168

https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fadnxs_uid%3D%24UID HTTP 302
https://beacon.krxd.net/usermatch.gif?adnxs_uid=3029798555364290854

Request Chain 169

https://ib.adnxs.com/mapuid?member_id=1780&user=OtNDA5e_ HTTP 307
https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember_id%3D1780%26user%3DOtNDA5e_

Request Chain 171

https://token.rubiconproject.com/token?pid=27384&puid=krux_id&gdpr=0 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=rubicon&partner_uid=L0IWGSG0-19-46XQ&gdpr=0

Request Chain 172

https://usermatch.krxd.net/um/v2?partner=sitescout HTTP 302
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OtNDA5e_&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID

Request Chain 173

https://usermatch.krxd.net/um/v2?partner=verizon HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=OtNDA5e_ HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-B86CHBZE2puXYSWDjzEG509bimxfPLC7ag--~A

Request Chain 174

https://usermatch.krxd.net/um/v2?partner=navegg HTTP 302
https://sync.navdmp.com/sync?prtid=30&salid=OtNDA5e_

Request Chain 175

https://sync.1rx.io/usersync/krux/OtNDA5e_?dspret=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync/krux/OtNDA5e_?zcc=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D&cb=1646790368506 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-ba2d18b8-b0d6-4ef3-8003-92e48b01ce5a-003?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3DRX-ba2d18b8-b0d6-4ef3-8003-92e48b01ce5a-003 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-ba2d18b8-b0d6-4ef3-8003-92e48b01ce5a-003

Request Chain 394

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIqFQ_JEw6yAWmT9V3S2Mlc&google_cver=1

Request Chain 395

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YigG4su6hBJpfmHL2jvNiwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIqFQ_JEw6yAWmT9V3S2Mlc&google_cver=1

Request Chain 396

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAEhvXUEz0KxIWdPlhI2Wyg&google_cver=1

Request Chain 397

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAyOTc5ODU1NTM2NDI5MDg1NA%3D%3D

Request Chain 423

https://gcdn.2mdn.net/videoplayback/id/494be701599dadf6/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1678326370/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/5B65AEDB57157FD2A29E96B65763834F7E2C7D56.A78D5589C2427522FA8D2F95B0339D0BB7EC2B5A/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5ednsr.c.2mdn.net/videoplayback/id/494be701599dadf6/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1678326370/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/15196F5E2A104B5F52EB4E55F65DAB4D15565C82.269530C9E79581EBA9E79BCAF0EDA60B73B9DD95/key/cms1/cms_redirect/yes/mh/k8/mip/2001:ac8:20:3d00:1012:1807:ce74:6496/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1646790032/mv/m/mvi/3/pl/49/file/file.mp4

Request Chain 427

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKUjymdMhgT7x0x2pwxIk2E&google_cver=1&google_push=AYg5qPJv4RHKhUFIcL2J6g-sJq2dGxcP1tZmjV0FjpBHVDKdzH_OaePcxKHWLR9yGIWcrm9bOiuZ-omTf9Hwx-tO_OS7NbhcDTmO HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKUjymdMhgT7x0x2pwxIk2E&google_cver=1&google_push=AYg5qPJv4RHKhUFIcL2J6g-sJq2dGxcP1tZmjV0FjpBHVDKdzH_OaePcxKHWLR9yGIWcrm9bOiuZ-omTf9Hwx-tO_OS7NbhcDTmO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJv4RHKhUFIcL2J6g-sJq2dGxcP1tZmjV0FjpBHVDKdzH_OaePcxKHWLR9yGIWcrm9bOiuZ-omTf9Hwx-tO_OS7NbhcDTmO&google_hm=faOa-P3DQiGd0Tm_L9ZSRw==

Request Chain 430

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE06NpPIl4Oqz1Rvi8ZKAS8&google_cver=1&google_push=AYg5qPIA4T8lLefQo2fVs3ECbOg7tCsKuaV2GrmrKxsASE_gfFrLYb6cG9dDvxYduq3c9o4Rc4ITxhFk9iozAB-vjeE5p1YYukYO HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE06NpPIl4Oqz1Rvi8ZKAS8&google_cver=1&google_push=AYg5qPIA4T8lLefQo2fVs3ECbOg7tCsKuaV2GrmrKxsASE_gfFrLYb6cG9dDvxYduq3c9o4Rc4ITxhFk9iozAB-vjeE5p1YYukYO&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4_l618bGTiS9znNAZbMYuw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIA4T8lLefQo2fVs3ECbOg7tCsKuaV2GrmrKxsASE_gfFrLYb6cG9dDvxYduq3c9o4Rc4ITxhFk9iozAB-vjeE5p1YYukYO

Request Chain 431

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKO4l4xridSXGWTtPgF6oXg&google_cver=1&google_push=AYg5qPLZLmWmg_iBbf7mq3wVH4SDqNLi1p5zk-Dc1af1tapLsl5py1D2dxp3fbO84g0y_1lrIyMgjsqy_syB9Cy3yG7fnXVpjKzY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBJV0dTRzAtMTktNDZYUQ==&google_push=AYg5qPLZLmWmg_iBbf7mq3wVH4SDqNLi1p5zk-Dc1af1tapLsl5py1D2dxp3fbO84g0y_1lrIyMgjsqy_syB9Cy3yG7fnXVpjKzY

Request Chain 432

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHwlEiGMGH9NMriOYhq99q8&google_cver=1&google_push=AYg5qPIk_glP7kPTNh1meU90O-cHwGQA1rFeYTG2rTkEp5U74fq0snHwnM-920HfAzU2m3r1vCQ-EkKq_ZWYZbXn7aqMYczDVtRt8A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1XM2dkMWlWRTJ1RVFTdUdBVnhWZkp6WlpaaUVwb3RldH5B&google_push=AYg5qPIk_glP7kPTNh1meU90O-cHwGQA1rFeYTG2rTkEp5U74fq0snHwnM-920HfAzU2m3r1vCQ-EkKq_ZWYZbXn7aqMYczDVtRt8A

Request Chain 450

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEARx6E10Y2sGLtw7dYI_Qr0&google_cver=1&google_push=AYg5qPJLznVnYLibNRzxJAvFyuPCblAIwev2meXfdi_3GKBZ6KMTk0ieeLwI6AfYRi1gywK0euZ1p2ceNjd9xYr-FP9T-iPWf3lF HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEARx6E10Y2sGLtw7dYI_Qr0&google_cver=1&google_push=AYg5qPJLznVnYLibNRzxJAvFyuPCblAIwev2meXfdi_3GKBZ6KMTk0ieeLwI6AfYRi1gywK0euZ1p2ceNjd9xYr-FP9T-iPWf3lF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N2tMOTFlaGgxTnJMcDA1&google_gid=CAESEARx6E10Y2sGLtw7dYI_Qr0&google_cver=1&google_push=AYg5qPJLznVnYLibNRzxJAvFyuPCblAIwev2meXfdi_3GKBZ6KMTk0ieeLwI6AfYRi1gywK0euZ1p2ceNjd9xYr-FP9T-iPWf3lF

Request Chain 451

https://um.simpli.fi/gp_match?google_gid=CAESEE-YK0X3KLcQ8W5hw1X0abI&google_cver=1&google_push=AYg5qPKw3lPy_ukXvNKLpNXawcJS0WvAieZDRMc72pIEpX4GMhfUq3vIsEwrPz8rAFHz8PnA0jOmetS0I2Xd4A1meAcNm1aAI0ZT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CF538E2F9D604F8AA1727D4C4C106654&google_push=AYg5qPKw3lPy_ukXvNKLpNXawcJS0WvAieZDRMc72pIEpX4GMhfUq3vIsEwrPz8rAFHz8PnA0jOmetS0I2Xd4A1meAcNm1aAI0ZT

Request Chain 452

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENXyByLAq-7C6MeA7pLU3ac&google_cver=1&google_push=AYg5qPITj2b5xKuKWNBLZULNAkukZ3qhYNj9mxL_1KNd0f_bBPkpOnfwqXawy42Hw88gE9Q1nhwvpPRBMcw-azIyQmQks38pYP1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPITj2b5xKuKWNBLZULNAkukZ3qhYNj9mxL_1KNd0f_bBPkpOnfwqXawy42Hw88gE9Q1nhwvpPRBMcw-azIyQmQks38pYP1A&google_hm=7LTFwQgTThKdQqRxj-4OkUM

Request Chain 453

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPvi9cgNotaJd8GuUbB4jeY&google_cver=1&google_push=AYg5qPI3Z0msIDuAPnPLXNH4A-Y163TcHOwzc-3dz8PfS9dqlunw4mVYNwhe_-u6nXEmohtIHl5NRey-nCrXh64GlIHQ-yqNpK83 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI3Z0msIDuAPnPLXNH4A-Y163TcHOwzc-3dz8PfS9dqlunw4mVYNwhe_-u6nXEmohtIHl5NRey-nCrXh64GlIHQ-yqNpK83&google_hm=MzY2NzExMjgyMjUwNDgzMTQ0NQ%3D%3D

Request Chain 454

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE06NpPIl4Oqz1Rvi8ZKAS8&google_cver=1&google_push=AYg5qPKrZg8Ulgt1H6X1k0L7YxuP6cHjMm0Ra3GLQydwk9zSDAaeRTMLJwFPN-DaLIEf60PrxZLZpoSEqtocPY2PbCjlwFjEhQNH HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE06NpPIl4Oqz1Rvi8ZKAS8&google_cver=1&google_push=AYg5qPKrZg8Ulgt1H6X1k0L7YxuP6cHjMm0Ra3GLQydwk9zSDAaeRTMLJwFPN-DaLIEf60PrxZLZpoSEqtocPY2PbCjlwFjEhQNH&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FeVrHxEUQ1-VAMZlRUHgYw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKrZg8Ulgt1H6X1k0L7YxuP6cHjMm0Ra3GLQydwk9zSDAaeRTMLJwFPN-DaLIEf60PrxZLZpoSEqtocPY2PbCjlwFjEhQNH

Request Chain 455

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEIdRUPJrV4nttRx200imw8&google_cver=1&google_push=AYg5qPKVNbbXm_AFLl0qxaAibNR7sp5PjZHtV4cPRO-y3LyQA6tGBVp_GPoJlVAEw-kCLU5vTPx-vJD29qZuby_YUuD7CrVRoxUj HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-ba2d18b8-b0d6-4ef3-8003-92e48b01ce5a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKVNbbXm_AFLl0qxaAibNR7sp5PjZHtV4cPRO-y3LyQA6tGBVp_GPoJlVAEw-kCLU5vTPx-vJD29qZuby_YUuD7CrVRoxUj%26google_hm%3DA7otGLiw1k7zgAOS5IsBzlo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKVNbbXm_AFLl0qxaAibNR7sp5PjZHtV4cPRO-y3LyQA6tGBVp_GPoJlVAEw-kCLU5vTPx-vJD29qZuby_YUuD7CrVRoxUj&google_hm=A7otGLiw1k7zgAOS5IsBzlo

Request Chain 456

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEFNwEXCV7ynI0TOfLqhr7bU&google_cver=1&google_push=AYg5qPIioC1Kgi3B9dYMc9BUx0ViwN2F_40fH0O5XV-4h1l37olp1DGytTGtGVo_ValCJkvYHXSpwYrDzqnmV8shJvs0Zt7fbImZ1Q HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEFNwEXCV7ynI0TOfLqhr7bU&google_cver=1&google_push=AYg5qPIioC1Kgi3B9dYMc9BUx0ViwN2F_40fH0O5XV-4h1l37olp1DGytTGtGVo_ValCJkvYHXSpwYrDzqnmV8shJvs0Zt7fbImZ1Q&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEFNwEXCV7ynI0TOfLqhr7bU&google_cver=1&google_push=AYg5qPIioC1Kgi3B9dYMc9BUx0ViwN2F_40fH0O5XV-4h1l37olp1DGytTGtGVo_ValCJkvYHXSpwYrDzqnmV8shJvs0Zt7fbImZ1Q&apid=UPb22c5a2c-9f4a-11ec-84c1-06295dd34c3a HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBiMjJjNWEyYy05ZjRhLTExZWMtODRjMS0wNjI5NWRkMzRjM2E%3D&google_push=AYg5qPIioC1Kgi3B9dYMc9BUx0ViwN2F_40fH0O5XV-4h1l37olp1DGytTGtGVo_ValCJkvYHXSpwYrDzqnmV8shJvs0Zt7fbImZ1Q

Request Chain 485

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=b286f29b-9f4a-11ec-a9f0-1bbe6fc50506 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b286f232-9f4a-11ec-a9f0-1bbe6fc50506&orig=video&us_privacy=1---gdpr=1&

Request Chain 487

https://cms.quantserve.com/pixel/p-FyWrHAMskJyru.gif?idmatch=0&us_privacy=1---&gdpr=1&&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fquantcastrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=IIL43iaGr9Q7iPKFIInngnfS_NQ7gv7TIoYOz300

Request Chain 492

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b286f232-9f4a-11ec-a9f0-1bbe6fc50506&orig=video&us_privacy=1---gdpr=1&

Request Chain 496

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b286f232-9f4a-11ec-a9f0-1bbe6fc50506&orig=video&us_privacy=1---gdpr=1&

Request Chain 498

https://cms.quantserve.com/pixel/p-FyWrHAMskJyru.gif?idmatch=0&us_privacy=1---&gdpr=1&&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fquantcastrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=IIL43iaGr9Q7iPKFIInngnfS_NQ7gv7TIoYOz300

Request Chain 501

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b286f232-9f4a-11ec-a9f0-1bbe6fc50506&orig=video&us_privacy=1---gdpr=1&

Request Chain 527

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 528

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 542

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWUxMTk5ZGQxMmRlMTEyMzk2YzQ3Y2U5ODA5Njk0OGVkMTAxNmJhNw&gdpr=1&us_privacy=1---

Request Chain 543

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBJV0dTRzAtMTktNDZYUQ==&gdpr=1&us_privacy=1---

Request Chain 544

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/UkCHdedJmBFlMsRelYNrOsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3667112822504831445

Request Chain 546

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEP_9UXDAsChM_IhgSoxvv50&google_cver=1

Request Chain 548

https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0IWGSG0-19-46XQ&gdpr=1&us_privacy=1---

Request Chain 549

https://token.rubiconproject.com/token?pid=26594&gdpr=1&us_privacy=1--- HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0IWGSG0-19-46XQ&sigv=1&esig=2~6a4947876532a172aeb98c2874addfa64e878378&gdpr=1&us_privacy=1---

Request Chain 577

https://c1.adform.net/serving/cookie/match?party=14&cid=E3F97AD7-C6C6-4E24-BDCE-734065B318BB HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E3F97AD7-C6C6-4E24-BDCE-734065B318BB

Request Chain 578

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YigG5QALpzc_mABB HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YigG5QALpzc_mABB&gdpr=0&gdpr_consent=&_test=YigG5QALpzc_mABB

Request Chain 579

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:426a6228-06e5-4e00-abb9-b739f14239e3&gdpr=0&gdpr_consent=

Request Chain 580

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHbktrN0VVQTRBQUJYVmp2NzBhUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGnKk7EUA4AABXVjv70aQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAGnKk7EUA4AABXVjv70aQ&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGnKk7EUA4AABXVjv70aQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID

Request Chain 581

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4_l618bGTiS9znNAZbMYuw%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 583

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f4ae6228-06e5-4500-9a5c-ce614dc0e7f3

Request Chain 584

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTNGOTdBRDctQzZDNi00RTI0LUJEQ0UtNzM0MDY1QjMxOEJC&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 585

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMpKFXGTJxbpFKXt4ejFI1k&google_cver=1

Request Chain 587

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7801910728013205088&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 588

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1075e8bb-e025-4071-ab8f-7861ea456a1d

Request Chain 590

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E3F97AD7-C6C6-4E24-BDCE-734065B318BB&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-tzQCnGJE2uUGEpw2HVb.z_1yZ7OeIKQ-~A&gdpr=0&gdpr_consent=

Request Chain 603

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 605

https://pixel.onaudience.com/?partner=214&mapped=E3F97AD7-C6C6-4E24-BDCE-734065B318BB HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=473d769759ab5b2ef12c9e3ca51cac1d&gdpr= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=1075e8bb-e025-4071-ab8f-7861ea456a1d&icm HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=230acba989798bee HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=66aedef3-281a-401d-7bb8-901317a52088&reqId=a3d996cb-b735-44ec-4dc1-d39e4ed47421&zcluid=230acba989798bee&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEFnAZCdjlo9IdMjcMGKqnkI&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=66aedef3-281a-401d-7bb8-901317a52088&reqId=a3d996cb-b735-44ec-4dc1-d39e4ed47421&zcluid=230acba989798bee&zdid=1332

Request Chain 606

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E3F97AD7-C6C6-4E24-BDCE-734065B318BB&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E3F97AD7-C6C6-4E24-BDCE-734065B318BB&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E3F97AD7-C6C6-4E24-BDCE-734065B318BB&addseg=19,36,42

Request Chain 608

https://io.narrative.io/?companyId=673&id=pubmatic_id:E3F97AD7-C6C6-4E24-BDCE-734065B318BB HTTP 302
https://io.narrative.io/?io.narrative.guid.v2=b5d16cc0-9f4a-11ec-a833-0aa6849ebafd&companyId=673&id=pubmatic_id:E3F97AD7-C6C6-4E24-BDCE-734065B318BB

Request Chain 609

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3029798555364290854&gdpr=0&gdpr_consent=

Request Chain 610

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=b5f855b6-9f4a-11ec-b522-376fab734c75&gdpr=0&gdpr_consent=

Request Chain 612

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=13c60a89-4e65-4a37-a1e9-b4781ee382ae&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7da39af8-fdc3-4221-9dd1-39bf2fd65247&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 613

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 614

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=sUQYUbdAT1uqThIKsU8HDeYUHFuqRB5cs0DjhkQF

Request Chain 615

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5271024674478400257

611 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html Show response
blogs.oglobo.globo.com/capital/post/
Redirect Chain

http://click.assinanteoglobo.com.br/?qs=fac62467e24810197e285ac66955826b772acffa56bff1bc3df1f66cb8ffe73ea79ca076725a225e4d64f6157e25e210c8532752167e83ab
https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde

143 KB
40 KB

720ms
249ms

Document
text/html

186.192.81.15
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.81.15 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

9fbeaba7f229d9720c18a6b477fbe344f38d8e79d19f3fe15697681d9be0854d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, X-Forwarded-Proto, X-Mobile-Group
expires: Wed, 09 Mar 2022 01:47:03 GMT
cache-control: max-age=60
x-frame-options: SAMEORIGIN
content-encoding: gzip
age: 0
x-bip: 799271961 ra10 01 04
via: 2.0 CachOS
accept-ranges: bytes
x-request-id: b3e55ee0-b4b1-4b35-bd17-a4acae57ea5c
x-thanos: 0AB55006

Redirect headers

Content-Type: text/html; charset=utf-8
Location: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
X-Cnection: close
Content-Length: 322
Expires: Wed, 09 Mar 2022 01:46:02 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:02 GMT
Connection: keep-alive

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
93 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 01:46:20 GMT
x-content-type-options: nosniff
age: 518383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94840
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Mar 2023 01:46:20 GMT

GET
H2 200 api.min.js Show response
p.glbimg.com/api/stable/ 37 KB
14 KB 701ms
225ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://p.glbimg.com/api/stable/api.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

97b81651ac630805fe9f93b8a9481cc286ddb6240b3964a647371f01bca28641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 930750493 ra09 20 05
age: 3531
content-length: 13484
x-xss-protection: 1; mode=block
x-request-id: 2cf80540-0a5f-4d6c-9687-312cab72ca48
last-modified: Thu, 04 Nov 2021 17:23:50 GMT
x-thanos: 0AB4D005
etag: W/"61841726-9496"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:47:12 GMT

GET
H2 200 lgpd-lib.min.css
s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/ 11 KB
2 KB 696ms
225ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/lgpd-lib.min.css
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 2e53bbdf41db08d5017462fe9963a8ee505c7a8ff83756c5217635019a076465

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-openstack-request-id: txc9bcb8e5fcf147cfa57ea-00622797aa
last-modified: Wed, 24 Feb 2021 17:18:00 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
content-type: text/css; charset=utf-8
x-timestamp: 1614187079.15655
cache-control: public, max-age=86400
x-trans-id: txc9bcb8e5fcf147cfa57ea-00622797aa
x-request-id: 8070f235-bbdf-4fcb-ae12-0a34692f444d

GET
H2 200 lgpd-lib.min.js Show response
s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/ 46 KB
15 KB 927ms
456ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/lgpd-lib.min.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 655e8547a0f057f68c1a3bbe78d65bcdaee6bc402814d11e3b6fc1da6e0d9dfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: gzip
x-openstack-request-id: tx4bf0ac6d61ee4711b2c3c-00622797ab
last-modified: Wed, 24 Feb 2021 17:18:00 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
x-timestamp: 1614187079.14110
cache-control: public, max-age=86400
x-trans-id: tx4bf0ac6d61ee4711b2c3c-00622797ab
x-request-id: bb394d15-291a-42b1-87c2-a85b5802e5fd

GET
H/1.1 200
OK tiny.js Show response
static.infoglobo.com.br/paywall/js/ 211 KB
44 KB 911ms
224ms Script
text/javascript 201.7.177.167
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: Apache /
Resource Hash: 87f4764f17ad0c8412030149ce610a59676a61a96ca5144e907f85ad688b19a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:20:50 GMT
Content-Encoding: gzip
Age: 1516
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 44284
Last-Modified: Wed, 23 Feb 2022 18:37:48 GMT
Server: Apache
ETag: "a06565f4-34af2-5d8b3c320b700"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: public, max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 8732

GET
H2 200 contadorDeAcessos.js Show response
i.glbimg.com/og/ig/infoglobo1/static/_js/paywall/ 9 KB
3 KB 771ms
243ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/_js/paywall/contadorDeAcessos.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

38940e363338f26853ceffa226701e8d5384881d5d87c6592571eae5c7a70c04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 113815521 ra09 20 10
age: 0
x-xss-protection: 1; mode=block
x-request-id: bcdb5765-3169-4a69-bf27-1895b732453a
last-modified: Tue, 08 Mar 2022 13:37:14 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0a-244a"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:04 GMT

GET
H2 200 jquery.cookie.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.3.0/ 2 KB
2 KB 44ms
17ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.3.0/jquery.cookie.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0457619e889bb98d0956ad96f21be1ca143f509d9110a91ed9f6ecf5f6eff71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 10656710
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 790
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-83e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qf4IthWWpZU3zwb%2BU0TNvy4dpiQ7MJ3qZJOSIksq5gANDZ5Q4LPLyNbaEvF7pGclzVuYJWDsYrPkyWr7v3%2BSAhUNCwnpSVw6%2FOjYt9EESxYxL72NzGpVmPWHzghDC2XzHS3p5MwmTyNrvJZ5lDsHmsPz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e90227b595401e7-ZRH
expires: Mon, 27 Feb 2023 01:46:03 GMT

GET
H2 200 gtm_utils.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/js/ 3 KB
2 KB 758ms
230ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/js/gtm_utils.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

d6179b15e275f1930d1c77b0ec2dbdeda42aeeb0e17eda9b1ee044f903a3c7b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 133097200 ra09 20 10
age: 251
content-length: 1207
x-xss-protection: 1; mode=block
x-request-id: ef4095bf-c755-41ad-9c3e-d5abc2ab3761
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0b-d3f"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:52 GMT

GET
H/1.1 200
OK oglobo-header.css
oglobo.globo.com/styles/ 21 KB
5 KB 903ms
224ms Stylesheet
text/css 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/styles/oglobo-header.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

38361b977916afb5f09c1f2157db6c842f5db6d306d5e40284c5caa6ce6094fa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 19:24:27 GMT
Content-Encoding: gzip
Age: 2442096
grace: none
X-Cache: HIT
Strict-Transport-Security: max-age=15768000
Content-Length: 4046
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 13 Jan 2022 13:12:52 GMT
Server: Apache
cache-control: max-age=31535912
X-Frame-Options: SAMEORIGIN
ETag: "a044b019-52ce-5d5767194fd00"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 319518

GET
H/1.1 200
OK oglobo-header.js Show response
oglobo.globo.com/1/scripts/ 4 KB
2 KB 228ms
224ms Script
text/javascript 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/1/scripts/oglobo-header.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

f3355d125a40e2768830335c83f9291cd2295b30024933c846dd4f6ffc696503

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 19:24:23 GMT
Content-Encoding: gzip
Age: 2442102
grace: none
X-Cache: HIT
Strict-Transport-Security: max-age=15768000
Content-Length: 1163
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 13 Jan 2022 13:11:12 GMT
Server: Apache
cache-control: max-age=31535912
X-Frame-Options: SAMEORIGIN
ETag: "a03ce447-fa4-5d5766b9f1c00-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 174487

GET
H2 200 advertising.js Show response
i.glbimg.com/og/ig/infoglobo1/static/_js/ 3 KB
1 KB 457ms
454ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/_js/advertising.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

83af4fd59e9a2f531978f17f7b434836faa02c757f1f4fd5b3aff2c15a639695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 132412907 ra09 20 10
age: 0
content-length: 905
x-xss-protection: 1; mode=block
x-request-id: d8acc36b-55b5-4acb-8c64-cdcd0f09b7e4
last-modified: Tue, 08 Mar 2022 13:37:14 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0a-acd"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:06 GMT

GET
H2 200 moscow-g3d80f41d9_1920.jpg
s2.glbimg.com/A0QdtxYQ8xkhm9BJIyW4zHT6Sng=/645x388/top/i.glbimg.com/og/ig/infoglobo1/f/original/2022/03/03/ 48 KB
48 KB 910ms
240ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/A0QdtxYQ8xkhm9BJIyW4zHT6Sng=/645x388/top/i.glbimg.com/og/ig/infoglobo1/f/original/2022/03/03/moscow-g3d80f41d9_1920.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 94b5dd61b7f17620effdd58ef97deceb06ab22d3198a8890ac4deb93438f7ef4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
via: 2.0 CachOS
x-bip: 154969137 ra03 11 08
age: 0
etag: "568518a434a4197d71f5cc7a757df01f647eb320"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB1D01A
access-control-allow-headers: Content-Type
content-length: 48940
x-request-id: db077eec-d350-4a5e-8400-065b0dfaca93
expires: Fri, 08 Apr 2022 01:46:07 GMT

GET
H2 200 comment-widget.js Show response
s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/comment-widget/ 231 KB
85 KB 232ms
228ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/comment-widget/comment-widget.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 9e01b976b7f5816aa7b3c8fed296556636ff49db3550debb7d96b4d9576f45a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
content-encoding: gzip
x-openstack-request-id: tx946efe626176483e8a71d-00620be7c3
last-modified: Wed, 09 Sep 2020 12:15:32 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1599653112.000000
x-timestamp: 1599653731.08521
cache-control: public, max-age=7776000
content-type: application/javascript
x-trans-id: tx946efe626176483e8a71d-00620be7c3
x-request-id: afaff10c-d4ff-4f96-8805-968aaafba423

GET
H2 200 read-too.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/ 2 KB
1 KB 232ms
232ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/read-too.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

18765da68fc25d0a5b50b9983466d6ad6e5f87d49865337bb8b241820e68f2cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 137794873 ra09 20 10
age: 294
content-length: 715
x-xss-protection: 1; mode=block
x-request-id: 18176bec-c85f-47e3-ac7a-45cbe47430d6
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0c-764"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:10 GMT

GET
H2 200 carousel-oglobo.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/ 8 KB
3 KB 231ms
227ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/carousel-oglobo.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

965f794992207e65a370768510a64b8d387a590c12cbe0f893452440e863b45b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 137600505 ra09 20 10
age: 295
content-length: 2604
x-xss-protection: 1; mode=block
x-request-id: 33f38101-7dff-4d32-bf90-aa61d66e9810
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0c-20c9"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:11 GMT

GET
H/1.1 200
OK oglobo-footer.js Show response
oglobo.globo.com/1/scripts/ 3 KB
2 KB 452ms
225ms Script
text/javascript 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/1/scripts/oglobo-footer.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

1bdd1864731bd92a02ecef0e293d581de9422838338d659c591d74814ecb21f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 19:27:25 GMT
Content-Encoding: gzip
Age: 2441921
grace: none
X-Cache: HIT
Strict-Transport-Security: max-age=15768000
Content-Length: 845
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 13 Jan 2022 13:11:12 GMT
Server: Apache
cache-control: max-age=31535912
X-Frame-Options: SAMEORIGIN
ETag: "a0366b7a-a3e-5d5766b9f1c00-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
X-Cache-Hits: 174269

GET
H2 200 iframe_wrapper.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/js/ 615 B
699 B 238ms
238ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/js/iframe_wrapper.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

83d5ada38cfff8645213b90228afa64c0cb7f47c57b144ed1c8e28e9f204c3ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 137794874 ra09 20 10
age: 0
content-length: 287
x-xss-protection: 1; mode=block
x-request-id: 81d3284d-5663-4c1c-a9ec-5bf674f25732
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0b-267"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:04 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 158ms
37ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE4) /
Resource Hash: c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:04 GMT
Content-Encoding: gzip
Age: 691
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29178
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:46:17 GMT
Server: ECS (mil/6CE4)
Etag: "f7f936f48944db7f829585c4368f33ae+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 froogaloop2.min.js Show response
i.glbimg.com/og/ig/infoglobo1/static/widgets/js/box_videos/ 2 KB
1 KB 237ms
237ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/widgets/js/box_videos/froogaloop2.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

be8b51ffb37d864a2ba662d9de815277a243daac644b4f911cb648908c356a70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 11651330 ra09 20 10
age: 0
content-length: 748
x-xss-protection: 1; mode=block
x-request-id: 89e8453a-9997-4f5e-b9c7-7fd98500f4f6
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0b-605"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:04 GMT

GET
H2 200 glbVideosBox.js Show response
i.glbimg.com/og/ig/infoglobo1/static/widgets/js/box_videos/ 12 KB
5 KB 235ms
235ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/widgets/js/box_videos/glbVideosBox.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

8b82fda809fc2f47f3da083ded89972d3f87f4f81002327d56a0de29c7033b8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 11651332 ra09 20 10
age: 0
x-xss-protection: 1; mode=block
x-request-id: b0657595-1612-495f-9978-a2df0d1256a8
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0b-3032"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:04 GMT

GET
H2 200 glbVideosBox.css
i.glbimg.com/og/ig/infoglobo1/static/widgets/css/box_videos/ 3 KB
2 KB 235ms
235ms Stylesheet
text/css 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/widgets/css/box_videos/glbVideosBox.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

4ad22ce680fcf13523048c47590c38aaf156a6b12c4c067fdec0423da551eb8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 137040810 ra09 20 10
age: 0
x-xss-protection: 1; mode=block
x-request-id: 8ddbe40d-a815-4af0-a47e-105a09bbaf59
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0b-db9"
vary: Accept-Encoding, Origin
content-type: text/css
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:05 GMT

GET
H2 200 instafeed.min.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/ 6 KB
3 KB 235ms
235ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/instafeed.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

6565dcce8b48f2d1b28e6a0c3c8e774430eb648873c29fd7e6169cb8fabc1697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 129137809 ra09 20 10
age: 0
x-xss-protection: 1; mode=block
x-request-id: d29500a8-aa1e-4268-98ed-92ffa911f442
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0c-1843"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:05 GMT

GET
H2 200 modernizr.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/ 11 KB
5 KB 234ms
234ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/modernizr.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

daf4e71749c1a66c6dbf7fcbf3e0f58154b212aaf499dbf290f740a57f1c5f8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 138873513 ra09 20 10
age: 0
x-xss-protection: 1; mode=block
x-request-id: 58a367c0-74e9-4101-8805-8cca34690b9f
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0c-2bfc"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:05 GMT

GET
H2 200 scripts.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/ 7 KB
3 KB 225ms
225ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/scripts.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

bb86167c7e059811c8d81abab96888c31270725e6c853d8627707aad79a477da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 55817602 ra09 20 10
age: 14
content-length: 2438
x-xss-protection: 1; mode=block
x-request-id: 66b680b2-1e52-49d7-84c5-5b903670be77
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0c-1ce8"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:50:51 GMT

GET
H2 200 advertising.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/ 3 KB
1 KB 456ms
452ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/advertising.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

6904824ca3d73b24a9f42562d3ffc0c5c5b5215f7070f07a46de38f4bde7a431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 18787969 ra09 20 10
age: 0
x-xss-protection: 1; mode=block
x-request-id: 941d9efa-98de-44a4-b530-d68e9797bfdf
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0c-bcb"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:06 GMT

GET
H2 200 lazyload-pics.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/ 1 KB
996 B 455ms
452ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/lazyload-pics.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

2855bde15b744f89d54f309df7cdeb9623e612a0b6c3ad1d4f4871bf800b62b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 24785805 ra09 20 10
age: 0
content-length: 585
x-xss-protection: 1; mode=block
x-request-id: 2bbe57a6-96d7-4161-8de4-8e32feda46df
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0c-5d3"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:06 GMT

GET
H2 200 popup-menu.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/ 1 KB
756 B 225ms
224ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/popup-menu.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

a7238920c10d0793c6ae08536b413cab8ed0a38e67e5b37e136b9cfaf3f98ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 136786325 ra09 20 10
age: 251
content-length: 344
x-xss-protection: 1; mode=block
x-request-id: 7eff5a83-5419-4471-8a63-e18c52010654
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0c-407"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:54 GMT

GET
H2 200 social-share.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/ 2 KB
1 KB 232ms
227ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/social-share.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

4cc032573bae338501e8313c028ce05b979c93b2370d3bdbf3a35eb59eb6c9b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 129923805 ra09 20 10
age: 251
content-length: 676
x-xss-protection: 1; mode=block
x-request-id: 5af48b4a-2468-4333-8399-6614cfab71a3
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0c-78f"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:55 GMT

GET
H2 200 clipboard-email.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/ 1 KB
1011 B 457ms
452ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/clipboard-email.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

cc89a2874cb232f34cec4cbe24fcb9ec4d046edecf739cbd448d23958217cb7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 129923806 ra09 20 10
age: 0
content-length: 600
x-xss-protection: 1; mode=block
x-request-id: 06cc9343-d128-4ad2-8ec7-b967897a1d8f
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0c-572"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:06 GMT

GET
H2 200 header-more-than-10.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/ 309 B
620 B 456ms
451ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/header-more-than-10.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

6b14236bbf1fa5f3b3c4ad5fc7709e1f220e8355886a60a6b5908fa90254bbf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 131495600 ra09 20 10
age: 0
content-length: 209
x-xss-protection: 1; mode=block
x-request-id: 5f6025f0-68f9-455b-af4e-67e9f9d6981a
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0c-135"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:06 GMT

GET
H2 200 settings.min.js Show response
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/ 3 KB
2 KB 455ms
453ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/settings.min.js
Requested by: Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 61577749b4423c492bfe2f3bfff475e3397fb3738794c289f783be6b03457194

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
content-encoding: gzip
x-openstack-request-id: txb9a2394bee434412ace9f-006228066b
last-modified: Fri, 04 Mar 2022 16:44:48 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1646412287.20375
cache-control: public, max-age=180
x-trans-id: txb9a2394bee434412ace9f-006228066b
x-request-id: e1751577-12ec-42f2-903a-15019d696d96

GET
H2 200 sticky-fullbanner.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/js/ 6 KB
2 KB 226ms
225ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/js/sticky-fullbanner.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

3fa98539b048ed8be50c16179bf796ec57cbc7721fee317bdb21e8519a157487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 6760531 ra09 20 10
age: 13
content-length: 2133
x-xss-protection: 1; mode=block
x-request-id: abe54690-a64c-4d60-bd9c-888f4819642c
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0b-17a3"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:50:50 GMT

GET
H2 200 cycle2.min.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/ 23 KB
8 KB 238ms
238ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/cycle2.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

f442b7ee7eddcc4dbea9173e4286180f880016a912175834a7904c6b9fb66d42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 135081814 ra09 20 10
age: 0
x-xss-protection: 1; mode=block
x-request-id: 3874e6f2-f71b-4143-a351-dd776963e5eb
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0c-5a0a"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:04 GMT

GET
H2 200 cycle2.swipe.min.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/ 1 KB
953 B 235ms
235ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/cycle2.swipe.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

98a154949f988eb6ba60269500c8a4557b47d0f52a4f45cc5c82eaa04ca0945a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 136160336 ra09 20 10
age: 0
content-length: 542
x-xss-protection: 1; mode=block
x-request-id: b83e012e-7f9e-4318-9cac-163cd83eed55
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0c-4fd"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:04 GMT

GET
H2 200 detect-private-browsing.js Show response
i.glbimg.com/og/ig/infoglobo1/static/_js/ 3 KB
1 KB 225ms
224ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/_js/detect-private-browsing.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

820cd1061ff66e21080de6746083e199cddb639b2070f7713b95f7aa8ea43c9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 133097227 ra09 20 10
age: 253
content-length: 846
x-xss-protection: 1; mode=block
x-request-id: a5e419ec-2043-4e79-879f-16009b02eba9
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0b-a1b"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:51 GMT

GET
H2 200 auto-resize-media.js Show response
i.glbimg.com/og/ig/infoglobo1/static/blog/_js/ 1 KB
984 B 234ms
234ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/auto-resize-media.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

2a0b922d729ee8d6c57e9a1ca8edec7f0da91610c3be49e045f3e19b51e74f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 138873511 ra09 20 10
age: 0
content-length: 573
x-xss-protection: 1; mode=block
x-request-id: 8cfa5d9b-b737-4d90-8557-53e0709517d0
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0c-4f3"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:05 GMT

GET
H2 200 barra-globocom.min.css
barra.globo.com/gl/ba/oidcprodutos/css/ 22 KB
5 KB 684ms
225ms Stylesheet
text/css 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://barra.globo.com/gl/ba/oidcprodutos/css/barra-globocom.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

d1de187546e564a61ba6a5a86a44a6212ebac1e93e0e5e6980e1d300bdeba36a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 163893471 ra11 03 14
age: 463651
content-length: 5096
x-xss-protection: 1; mode=block
x-request-id: a84ae67c-ed89-4100-a84b-2fa1a7c61e8d
last-modified: Thu, 03 Mar 2022 15:23:31 GMT
x-thanos: 0AB5D038
etag: W/"6220dd73-588f"
vary: Accept-Encoding, Origin
content-type: text/css
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 10 Mar 2022 16:58:34 GMT

GET
H/1.1 200
OK advertisement.js Show response
ogjs.infoglobo.com.br/1462389483/js/ 54 B
493 B 904ms
224ms Script
text/javascript 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://ogjs.infoglobo.com.br/1462389483/js/advertisement.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

aad4dd2e4a2cad3ffc9de8feca664b6ab4712fe65746c912191c2cb544b35b49

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 19:23:24 GMT
Age: 2442162
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 54
Last-Modified: Thu, 13 Jan 2022 13:11:12 GMT
Server: Apache
ETag: "a05b6a27-36-5d5766b9f1c00"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 799907

GET
H2 200 home.css
i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/ 49 KB
11 KB 229ms
227ms Stylesheet
text/css 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

3bbf6a0a03aa7b5c5fa5d4db224503f9578dafa7de54b0682f650c1b2e0aa129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 137600506 ra09 20 10
age: 254
content-length: 10494
x-xss-protection: 1; mode=block
x-request-id: 0cbfb838-736d-4a28-8543-70e64f23b31c
last-modified: Tue, 08 Mar 2022 13:37:17 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0d-c3ae"
vary: Accept-Encoding, Origin
content-type: text/css
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:52 GMT

GET
H2 200 mais-blogs.css
i.glbimg.com/og/ig/infoglobo1/static/widgets/css/ 580 B
677 B 234ms
234ms Stylesheet
text/css 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/widgets/css/mais-blogs.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

c4ba9c3b4b570311f0aa547c37d279e5b2aa456cba0721f0b6456ec38d61b3af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 51176084 ra09 20 10
age: 0
content-length: 276
x-xss-protection: 1; mode=block
x-request-id: f9bb6bfa-078c-4598-ab38-3887bd8667e7
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0b-244"
vary: Accept-Encoding, Origin
content-type: text/css
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:07 GMT

GET selected-alternatives
globo-ab.globo.com/v2/ 0
0

GET
H2 200 mais-blogs.js Show response
i.glbimg.com/og/ig/infoglobo1/static/widgets/js/redesign2019/ 2 KB
1 KB 234ms
234ms Script
application/x-javascript 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/widgets/js/redesign2019/mais-blogs.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

a56a3653f34e27cf4fa8dbe6d066fd075f7285a756440c18237972e0bc6f7695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 54616431 ra09 20 10
age: 0
content-length: 766
x-xss-protection: 1; mode=block
x-request-id: 8603a61d-30b7-4d38-962e-f4a778d4c496
last-modified: Tue, 08 Mar 2022 13:37:15 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0b-757"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:07 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 228 KB
74 KB 47ms
16ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-55NG4R

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

631024090aaed540bc78e498040ff4ab08d4f69cdf75e5c097245ccf52ab7bb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75593
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 00:22:23 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 09 Mar 2022 01:46:07 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/ 131 KB
28 KB 32ms
12ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4dd4c70ae62d71f14dc1176521ccdb5a90f6d52727afef664975f0c570187d0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
last-modified: Fri, 04 Mar 2022 15:04:42 GMT
server: AkamaiNetStorage
etag: "90cad5caab2071f870ac9f0d994d5049:1646406282.757994"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 28120
expires: Wed, 09 Mar 2022 01:51:07 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 28ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4bfddff51137126ee6e05513ca3b308f36627d3432cd9b05850e94586aee9810

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: t3HW40TQAYciu3iagDUuJQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 09 Mar 2022 01:51:20 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: Jmz6I1qt2hiJmJUxaBQ/85ZvyGdmmPBlKqFirXLL41OHBLhXgIT0CegS7KqJbRt9jJlcdLCGXL4KHbvAbz/ssg==
x-fb-trip-id: 917726464
x-fb-content-md5: 45d6faf4fe4f36faa514c2fd47900af4
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 09 Mar 2022 01:46:07 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "a170d8279d0768159db08c24edda6d64"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK header.html Show response
oglobo.globo.com/ 91 KB
33 KB 921ms
227ms XHR
text/html 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/header.html?cache=true

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/1/scripts/oglobo-header.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

05af8881e716fb64dc6a8f0e821a91492a53f451133b46e3835829f77d409385

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 00:16:59 GMT
Content-Encoding: gzip
Age: 5348
grace: none
X-Cache: HIT
X-Cache-Hits: 950
Strict-Transport-Security: max-age=15768000
Content-Length: 33305
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
cache-control: public, max-age=14400
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html;charset=UTF-8
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Wed, 09 Mar 2022 00:18:59 GMT

GET
H2 200 close.png
i.glbimg.com/og/ig/infoglobo1/static/blog/_img/ 1 KB
1 KB 242ms
241ms Image
image/png 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_img/close.png

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

46b5e251620a83a6e7b8bd777226f41f87f41cab1b11291db3d872cd93d78ade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 131495629 ra09 20 10
age: 0
content-length: 1036
x-xss-protection: 1; mode=block
x-request-id: 1b7df653-e6c7-403f-96ca-90ff2ac33791
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D01E
etag: "62275c0c-40c"
vary: Origin
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:07 GMT

GET
H2 200 ico-circle.svg
i.glbimg.com/og/ig/infoglobo1/static/blog/_img/redesign2019/icons/ 781 B
888 B 242ms
242ms Image
image/svg+xml 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_img/redesign2019/icons/ico-circle.svg

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

f411ed8284b38cc0d295fffe96d3b626a09b446113253a999a30fa15bca7b525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 135840792 ra09 20 10
age: 0
content-length: 483
x-xss-protection: 1; mode=block
x-request-id: abd51802-4d5a-4095-9e46-2aad6464f2b5
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0c-30d"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:07 GMT

GET
H2 200 ico-arrow-back.svg
i.glbimg.com/og/ig/infoglobo1/static/blog/_img/redesign2019/icons/ 527 B
728 B 240ms
240ms Image
image/svg+xml 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_img/redesign2019/icons/ico-arrow-back.svg

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

a595576eeab89707bc27f276a7b81404f36575c6af9fa872533ab0856aed7f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 135442641 ra09 20 10
age: 0
content-length: 323
x-xss-protection: 1; mode=block
x-request-id: 9efd68fa-17a9-4f60-8bbb-6992b2059f12
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0c-20f"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:07 GMT

GET
H2 200 WhitmanDisplayCond-Bold.OTF
i.glbimg.com/og/ig/infoglobo1/static/blog/_font/redesign2019/ 79 KB
79 KB 687ms
226ms Font
application/x-font-otf 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_font/redesign2019/WhitmanDisplayCond-Bold.OTF

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

f0d956a19224d2a65308e4643a6a96418fe8e1bf93e563fc59c0a9ed9b2945c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css
Origin: https://blogs.oglobo.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 287518379 asra03mp05lx02ca06.globoi.com
age: 91
content-length: 80404
x-xss-protection: 1; mode=block
x-request-id: d284aee4-b6cd-420b-821f-2cce9c2f54bb
last-modified: Tue, 08 Mar 2022 13:37:17 GMT
x-thanos: 0AB1D111
etag: "62275c0d-13a14"
vary: Origin
content-type: application/x-font-otf
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:49:36 GMT

GET
H2 200 capital.png
i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/ 41 KB
41 KB 234ms
234ms Image
image/png 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/capital.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-81-15.prt.globo.com

Software

Resource Hash

6b7df0428be75551f9bffab8b58cf14bafb6f9d445713127de4e11a1c2e32385

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 137532145 ra09 20 10
age: 0
content-length: 41918
x-xss-protection: 1; mode=block
x-request-id: 8e463eda-6907-46a0-82a9-879f79762253
last-modified: Tue, 23 Jun 2020 17:51:42 GMT
x-thanos: 0AB4D01E
etag: "5ef2412e-a3be"
vary: Origin
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:51:07 GMT

GET
H2 200 ultimos-posts.json Show response
blogs.oglobo.globo.com/capital/ 3 KB
1 KB 235ms
234ms Fetch
application/json 186.192.81.15
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.oglobo.globo.com/capital/ultimos-posts.json

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/read-too.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.81.15 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

34a455c49a215b4b1585a50a333de3168bdf43fcb3f8cf2ebe9c0682077790cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
x-bip: 785277645 ra10 01 04
age: 0
content-length: 1120
x-request-id: a6a95b02-98cb-4f84-b287-d5f47654d2d4
last-modified: Wed, 09 Mar 2022 01:41:13 GMT
x-thanos: 0AB55006
x-frame-options: SAMEORIGIN
etag: W/"622805b9-a73"
vary: Accept-Encoding, X-Forwarded-Proto, X-Mobile-Group
content-type: application/json
via: 2.0 CachOS
cache-control: max-age=60
accept-ranges: bytes
expires: Wed, 09 Mar 2022 01:47:07 GMT

GET
H2 200 mais-blogs.json Show response
blogs.oglobo.globo.com/economia/ 5 KB
2 KB 232ms
231ms Fetch
application/json 186.192.81.15
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://blogs.oglobo.globo.com/economia/mais-blogs.json?callback=mais-blogs

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/widgets/js/redesign2019/mais-blogs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.81.15 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-81-15.prt.globo.com

Software

Resource Hash

970393858e7d53e75804236a5451803d08db2f67a819ed452ad06cf9b487813a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
x-bip: 643719800 ra10 01 04
age: 30
content-length: 1854
x-request-id: 2a1a10d2-5faf-457d-8a86-bbcd56804d9f
last-modified: Wed, 09 Mar 2022 01:44:04 GMT
x-thanos: 0AB55006
x-frame-options: SAMEORIGIN
etag: W/"62280664-149d"
vary: Accept-Encoding, X-Forwarded-Proto, X-Mobile-Group
content-type: application/json
via: 2.0 CachOS
cache-control: max-age=60
accept-ranges: bytes
expires: Wed, 09 Mar 2022 01:46:37 GMT

GET
H2 200 ico-key.svg
i.glbimg.com/og/ig/infoglobo1/static/blog/_img/redesign2019/icons/ 1 KB
1 KB 439ms
438ms Image
image/svg+xml 186.192.91.8
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.glbimg.com/og/ig/infoglobo1/static/blog/_img/redesign2019/icons/ico-key.svg

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.8 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

34f6d98ef7d173daed822d375453e08ce1de893b84d58b0b24a7f4ec69ccf899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_css/redesign2019/home.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 137532147 ra09 20 10
age: 250
content-length: 672
x-xss-protection: 1; mode=block
x-request-id: 806e5bab-41e5-4bbb-a840-7db99244e8a7
last-modified: Tue, 08 Mar 2022 13:37:16 GMT
x-thanos: 0AB4D01E
etag: W/"62275c0c-46a"
vary: Accept-Encoding, Origin
content-type: image/svg+xml
via: 2.0 CachOS
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 01:46:57 GMT

GET
H2 200 barra-globocom.min.js Show response
barra.globo.com/gl/ba/oidcprodutos/js/ 46 KB
17 KB 231ms
231ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://barra.globo.com/gl/ba/oidcprodutos/js/barra-globocom.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

82cd1b61b349324e102d58679583114bd5b2620347f422ad05851b825a926748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 162821870 ra11 03 14
age: 463655
content-length: 16645
x-xss-protection: 1; mode=block
x-request-id: 69dba6f5-ce48-48cd-96f7-e228cabe822b
last-modified: Thu, 03 Mar 2022 15:23:29 GMT
x-thanos: 0AB5D038
etag: W/"6220dd71-b991"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 10 Mar 2022 16:58:32 GMT

GET
H/1.1 200
OK footer.html Show response
oglobo.globo.com/ 2 KB
2 KB 912ms
227ms XHR
text/html 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/footer.html?cache=true&env=PRD

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/1/scripts/oglobo-footer.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

3c47e0a59a72649f45f26c3a8bfb761ba01d8c2d73e21d2667ffbc86483bc627

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 00:26:27 GMT
Content-Encoding: gzip
Age: 4780
grace: none
X-Cache: HIT
X-Mod-Pagespeed: Powered By mod_pagespeed
Strict-Transport-Security: max-age=15768000
Content-Length: 711
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
cache-control: public, max-age=14400
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html;charset=UTF-8
Access-Control-Allow-Origin: *
Expires: Wed, 09 Mar 2022 00:28:13 GMT
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 209

GET
H2 200 mzu1nbrnvusvyniznju3mduwnzzns7u0dtnsntiyndaa0jmpzfm5mbazaka2xqa.jpeg
s2.glbimg.com/Alv9JuL6B1TtL8bGIVRV9dAOTOw=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2022/01/19/ 54 KB
54 KB 284ms
284ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/Alv9JuL6B1TtL8bGIVRV9dAOTOw=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2022/01/19/mzu1nbrnvusvyniznju3mduwnzzns7u0dtnsntiyndaa0jmpzfm5mbazaka2xqa.jpeg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 3acb755106abd2461993d7a289ae6b7aeb23545b3b58a0c62bd51e13784c6322

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
via: 2.0 CachOS
x-bip: 156047883 ra03 11 08
age: 1915852
etag: "23c140bfc12b4ac61d5b0dffaab36480a4a9ebc4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB1D01A
access-control-allow-headers: Content-Type
content-length: 54864
x-request-id: d86a3c08-1816-4e42-ab54-806aafa46f5f
expires: Wed, 16 Mar 2022 21:35:14 GMT

GET
H2 200 screen_shot_2021-02-22_at_11.36.39.png
s2.glbimg.com/NApnWugyZZHEDyJgxBkbhwpK2cM=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2021/02/22/ 33 KB
34 KB 330ms
330ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/NApnWugyZZHEDyJgxBkbhwpK2cM=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2021/02/22/screen_shot_2021-02-22_at_11.36.39.png
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 727d7ead652b7ab490f74c3ebc2fb4ca7d2b36ad2242adda2606ea06a146247a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
via: 2.0 CachOS
x-bip: 155395134 ra03 11 08
age: 1915852
etag: "03c0933d6bd9e7fc959105b1a02956e7e80157ff"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB1D01A
access-control-allow-headers: Content-Type
content-length: 34282
x-request-id: 8d8e2af0-5e2b-4cdb-8fa7-b8b812d336c8
expires: Wed, 16 Mar 2022 21:35:14 GMT

GET
H2 200 captura_de_tela_2021-11-25_as_21.14.57.png
s2.glbimg.com/sj6nePf_jUxnmPmo8mfyQRk3CDc=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2021/11/25/ 48 KB
49 KB 330ms
330ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/sj6nePf_jUxnmPmo8mfyQRk3CDc=/645x388/i.glbimg.com/og/ig/infoglobo1/f/original/2021/11/25/captura_de_tela_2021-11-25_as_21.14.57.png
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 453d803613f7b94663cffa5e2cd1a4abd6b9b9c1c63122e60a375ca79d41194b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
via: 2.0 CachOS
x-bip: 153504098 ra03 11 08
age: 1915852
etag: "2f6d9aa11d93943f8d1a3ec96e238c0981062c1c"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB1D01A
access-control-allow-headers: Content-Type
content-length: 49334
x-request-id: 01d3061d-e2a7-48fe-81c5-1bc04c41fedd
expires: Wed, 16 Mar 2022 21:35:15 GMT

GET
H2 200 embed.js Show response
oglobo.comentarios.globo.com/assets/js/ 43 KB
13 KB 2136ms
447ms Script
application/javascript 131.0.25.85
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.comentarios.globo.com/assets/js/embed.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/comment-widget/comment-widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.0.25.85 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

1f093bc730be083fb98900fb68fa27e0601d6117def41701dc6060d272e468aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-trace-id: 948605c0-9cf3-11ec-ade0-73accaa69abf
date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 28 Jan 2021 17:53:02 GMT
etag: W/"3116-1774a208830"
vary: Accept-Encoding
content-language: pt-BR
x-xss-protection: 1; mode=block
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
access-control-allow-headers: Content-Type
content-length: 12566
x-content-type-options: nosniff

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 50ms
25ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/widgets/js/box_videos/glbVideosBox.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb140898441e0e96c3d2d57cad7572be0ca853db01829bc80684b7e3f0fd278d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires: Wed, 09 Mar 2022 01:46:07 GMT

GET
H/1.1 200
OK widget_iframe.a58e82e150afc25eb5372dd55a98b778.html Show response
platform.twitter.com/widgets/ Frame 1CE9 319 KB
104 KB 42ms
41ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fblogs.oglobo.globo.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE2) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 440450
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 09 Mar 2022 01:46:07 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 16 Feb 2022 18:36:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CE2)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H3 200 sdk.js Show response
connect.facebook.net/pt_BR/ 280 KB
80 KB 18ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=4c28f966a932a1e9c9b09ee309cd81cc

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2dadc536c91762be67380a9eea91ad5635acec0f0c62730671a4906304604980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://blogs.oglobo.globo.com/
Origin: https://blogs.oglobo.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: v9UqiRDrQ0bekPoDKbuEdQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 08 Mar 2023 23:41:46 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 81534
x-fb-rlafr: 0
x-fb-debug: raKwx+CGVRaFcghGbtqyxIVuv5PJxiD+iLbX6BDJBzOoqwwtrfYYc2taKecWXzgrbT9e8BSKX2s+LDPxCD8U6w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: c6fef7c47b899c08f3900fb166844f1d
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Mar 2022 01:46:07 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "02f15d70b9754e931f47e423ac683124"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 profiling.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/ 93 KB
28 KB 240ms
239ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/profiling.min.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 192d2eb7078526e7974933da14512e5f5d64902e654d1e4ee5b421abbf169a3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
x-openstack-request-id: tx1e30c636c12f4104ad820-0062280683
last-modified: Wed, 12 May 2021 17:50:53 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1620841852.71626
cache-control: public, max-age=180
x-trans-id: tx1e30c636c12f4104ad820-0062280683
x-request-id: 522f71a4-aff1-4459-a895-6d19931999f0

GET
H2 200 tm13574.js Show response
tag.navdmp.com/ 17 KB
6 KB 62ms
33ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm13574.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1acaf1b84c7c6a5a7ae96e4b9cce92c540c0c8ebbb0e56f8ff473917e2e9a72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Sep 2021 18:45:04 GMT
server: cloudflare
age: 2620
etag: W/"6137b330-4291"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6e90229599162325-ZRH
content-type: application/javascript
expires: Wed, 09 Mar 2022 02:02:27 GMT

GET
H2 200 15688_oglobo.js Show response
ads.rubiconproject.com/prebid/ 398 KB
106 KB 39ms
12ms Script
text/javascript 2.19.35.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-35-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: af0b787aff69eb51047de80f7feee06dec5d4cf457a73140402e452c0704a142

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 23:41:17 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=10130
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 108254
expires: Wed, 09 Mar 2022 04:34:57 GMT

GET
H2 200 horizon-common-hit.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 41 KB
14 KB 236ms
236ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: fb4c391be2dd9e927d16789bebea68314f10f75383bc4a7b920e8addfdf3e44c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
x-openstack-request-id: tx9d8dc2b9d53c4e3f99321-006227e629
last-modified: Wed, 22 Dec 2021 23:24:10 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1640215449.32111
cache-control: max-age=86400
x-trans-id: tx9d8dc2b9d53c4e3f99321-006227e629
x-request-id: bb8bcefe-6628-4411-a259-9c4b964ca380

GET
H2 200 glb-pv-min.js Show response
s.glbimg.com/bu/rt/js/ 2 KB
1 KB 233ms
233ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/bu/rt/js/glb-pv-min.js?utv=201810192058

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 926769576 ra09 20 05
age: 863
content-length: 969
x-xss-protection: 1; mode=block
x-request-id: feb09294-0279-4c5d-acbb-1360f400b5f3
last-modified: Mon, 04 Feb 2019 16:44:48 GMT
x-thanos: 0AB4D005
etag: W/"5c586c00-703"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:31:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 34ms
5ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55NG4R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6075
date: Wed, 09 Mar 2022 00:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 09 Mar 2022 02:04:52 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 57ms
35ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55NG4R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 09 Mar 2022 01:46:07 GMT

GET
H2 200 ivc.js Show response
gadasource.storage.googleapis.com/ 71 KB
24 KB 30ms
7ms Script
text/plain 2a00:1450:4001:808::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gadasource.storage.googleapis.com/ivc.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:18:07 GMT
content-encoding: gzip
age: 1680
x-guploader-uploadid: ADPycdvmUbF32aD0CLzuR9J9ReW9xlmO4cYcOrLBYfX3OsbvK1cHigvwL7HMiEhkzzEYustBigsuiA7UCt8RTdRvrf0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24321
last-modified: Mon, 02 Sep 2019 19:50:51 GMT
server: UploadServer
etag: "cdaa61cbc24c48191196b45b31a7e18b"
vary: Accept-Encoding
x-goog-hash: crc32c=okr5pw==, md5=zaphy8JMSBkRlrRbMafhiw==
x-goog-generation: 1567453851562424
cache-control: public, max-age=3600
x-goog-stored-content-length: 24321
accept-ranges: bytes
content-type: text/plain
expires: Wed, 09 Mar 2022 02:18:07 GMT

GET
H3 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
2 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

11d213596227dcddbcc50cec2baf32d2d31e4c93c9c8efad3e452e180a5db7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 0qdfx/cUJxH+UTzyhMZOpQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 2168
x-fb-rlafr: 0
x-fb-debug: zN69GclevMNOvAxPOmud4WLw2yC17Es48SQHbUZIlP6iByaivkZgjpEt6jmo5uSUoSvpeoQHnr85XxAkebGZrw==
x-fb-content-md5: 6c6470c75adce7397ac6b8d820047044
x-frame-options: DENY
date: Wed, 09 Mar 2022 01:46:07 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "b8af14df59f6b89cf170df77c2ac20cd"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 09 Mar 2022 01:54:19 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 15ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26291
x-xss-protection: 0
pragma: public
x-fb-debug: ttxpq/a6elpK/HM1O0QbnKNSaH022XjMvFvPYnsKl5J7/VOkVxM6wlhnkSaQjy3QXQ3Irsnoy71QN1GeH4LLfg==
x-frame-options: DENY
date: Wed, 09 Mar 2022 01:46:07 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

14 KB
6 KB

37ms
8ms

Script
application/javascript

151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
last-modified: Sat, 05 Feb 2022 00:44:37 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kiad7000154-IAD, cache-fra19153-FRA

Redirect headers

x-tw-cdn: VZ
Date: Wed, 09 Mar 2022 01:46:07 GMT
Server: ECS (mil/6CF8)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location: https://static.ads-twitter.com/oct.js
Server-Timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 0

GET
H2 200 2v84n8g15c1895dv.js Show response
cdn.petametrics.com/ 165 KB
48 KB 30ms
12ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.petametrics.com/2v84n8g15c1895dv.js?ts=457441
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 26d5bf13e1916e7f19a9d7f2c0ca803dd1c3b7133222992f77e8d45ec4a5f653

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 20:19:41 GMT
server: AmazonS3
x-amz-request-id: VKRYAEKYX9JQDHB4
etag: "7ff22d09d14404816d3c9e109840e5b6"
x-hw: 1646790367.cds165.fr8.hn,1646790367.cds098.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=31536000
content-length: 49143
accept-ranges: bytes
x-amz-version-id: OrX5gM9_U23XC_pNmtftFW7rcttwutvK
x-amz-id-2: Kyyc+6hZHe3kSmm1i/wHFDImD7mDv4dlq5i7b57FTRGw7jJn/NICpr1IuXuiTeHSP/TppN26IO8=

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 24ms
7ms Script
application/x-javascript 2600:9000:2156:5600:18:1fcd:34f:cdc1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5600:18:1fcd:34f:cdc1 , United States, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:13:09 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 22:23:33 GMT
server: nginx
age: 1978
etag: W/"61fc55e5-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: iLVUdRmwslDSJxCTKeqaqYD8_zgZOVCfm4OK0E9iJRrZq1CwFh68uw==
expires: Wed, 09 Mar 2022 03:13:09 GMT

GET
H2 200 init.js Show response
api.deep.bi/v3/ 67 KB
24 KB 52ms
21ms Script
application/javascript 2606:4700:10::6816:29b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v3/init.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:29b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2faf7911101f5a49100c25d25b355d0bf995adcf50525c580864fe42fd6fa9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://blogs.oglobo.globo.com/
Origin: https://blogs.oglobo.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 09 Mar 2022 01:46:03 GMT
server: cloudflare
age: 4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-if-error=3600
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
cf-ray: 6e9022960b16cc4e-ZRH

GET
H2 200 mariana-barbosa_c0CIDvl.png
s2.glbimg.com/ZVgcIuuMibHQ4CgxfHAEynmSEj4=/54x54/smart/i.glbimg.com/og/ig/infoglobo1/f/original/autores/ 554 B
896 B 410ms
409ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/ZVgcIuuMibHQ4CgxfHAEynmSEj4=/54x54/smart/i.glbimg.com/og/ig/infoglobo1/f/original/autores/mariana-barbosa_c0CIDvl.png
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 38c3fc3506f2f761dcb1ca878305809ef2110b7cc1cccd26612d27c634c8b601

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
via: 2.0 CachOS
x-bip: 150235736 ra03 11 08
age: 1915852
etag: "d354a7868cd81362b1bd3fa8f9132af00c310f83"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB1D01A
access-control-allow-headers: Content-Type
content-length: 554
x-request-id: c7dee7cb-3a77-4c57-85f1-8c5f7956a831
expires: Wed, 16 Mar 2022 21:35:15 GMT

GET
H2 200 rennan-setti.png
s2.glbimg.com/AETaItOL6-sO-ewsW4ragqUOfd4=/54x54/smart/i.glbimg.com/og/ig/infoglobo1/f/original/autores/ 656 B
998 B 410ms
409ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/AETaItOL6-sO-ewsW4ragqUOfd4=/54x54/smart/i.glbimg.com/og/ig/infoglobo1/f/original/autores/rennan-setti.png
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 494e6d405aa1016160f639a7642bd5b9e9f74eb806bfb982448da2e8bbfbfa23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
via: 2.0 CachOS
x-bip: 152430914 ra03 11 08
age: 1915852
etag: "1beea92a3e8e88c17c57ab42355b21f7b0d77e41"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB1D01A
access-control-allow-headers: Content-Type
content-length: 656
x-request-id: 14573609-bffc-4f17-9283-a382d0dcabf8
expires: Wed, 16 Mar 2022 21:35:15 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/2fd2ad45/www-widgetapi.vflset/ 152 KB
49 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2fd2ad45/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45dc5dedead2b778c3973a826902175513d9c1024eb7dae00336f0bf41fb65c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 19:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22477
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50272
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 01:19:36 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 08 Mar 2023 19:31:30 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 1CE9 232 B
447 B 141ms
118ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=04dc57a8d1d6a2b2d5cc32b0abcfb7eab53d5b77

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fblogs.oglobo.globo.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 106
date: Wed, 09 Mar 2022 01:46:06 GMT
content-encoding: gzip
last-modified: Wed, 09 Mar 2022 01:46:07 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 9a221974c6fded6e96df700c64a57eec10c5166a0153b97abc0ac795b072b6d3
content-length: 166

GET
H2 200 usr Show response
usr.navdmp.com/ 77 B
310 B 298ms
296ms Script
application/javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=13574&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b9baa5f8b44b8015ff6c629422c39821d8bca70fc15298a4f4adbfb28fe09b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6e902296596f2325-ZRH
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
content-type: application/javascript
expires: Wed, 09 Mar 2022 02:46:07 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 30ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=705216002929827&ev=PixelInitialized&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&rl=&if=false&ts=1646790367726

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 09 Mar 2022 01:46:07 GMT

GET
H2 200 15688-pbjs-floors.json Show response
ads.rubiconproject.com/floors/ 62 KB
5 KB 20ms
7ms XHR
application/json 2.19.35.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/floors/15688-pbjs-floors.json
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-35-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 499124536b9ce87a72cd94fe09eb47ff43e76816b293f3ff90f21113e6c63d85

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
last-modified: Wed, 09 Mar 2022 00:41:01 GMT
server: Apache
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1500
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 5404

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 53ms
21ms XHR
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220309

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87bfbda6a39ce7ea80accdd34f44fd40136aea34de371e01e2d7d851a8c530cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20647
x-jsd-version: 1.0.1275
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19125-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"66d-WzFUWmLiQVcWM4xayPCMmHf7aV0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6e902296cb73cc4e-ZRH

GET
H3 200 792893547449051 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/792893547449051?v=2.9.55&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ca774896b89643ab9db841169553bf60196fff1981f16b0db923f6908788f773

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89096
x-xss-protection: 0
pragma: public
x-fb-debug: 0gxPSAclSxIPPtx7aF3GyWfUgvmWVennJe5wd/6WgguQq+lhwQ3/WFcnq7Yj3BIZoP7rvaY3hYSDseurp1Q+vA==
x-frame-options: DENY
date: Wed, 09 Mar 2022 01:46:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 69ms
22ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-51216819-11&cid=1379110946.1646790368&jid=92611532&gjid=1829331970&_gid=108904428.1646790368&_u=YGBAgEABAAAAAE~&z=1097440083

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 09 Mar 2022 01:46:07 GMT
content-type: text/plain
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
334 B 16ms
15ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
9ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 10:12:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56037
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 299ms
98ms Image
image/gif 3.209.148.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=oglobo.globo.com&p=%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&u=MfbSeugfOp2XDd9&d=blogs.oglobo.globo.com&g=56624&g0=Blogs%2CBlogs%2Fcapital&g1=Rennan%20Setti&g4=post&n=1&f=00001&c=0&x=0&m=0&y=3071&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=5816&_c=newstarde&_m=email&_x=newsletter&t=BO1C4rB0HKW8DA4GeVCSTb8RDu8vp_&V=129&i=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20&tz=0&_acct=anon&sn=1&sv=D_4V-9LQvsTChlK3a03pr7B5LFRI&sd=1&im=061b0ff3&_
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.148.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-148-199.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:08 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H/1.1 200 i
ivccf.ivcbrasil.org.br/ 43 B
461 B 2003ms
1222ms Image
image/gif 35.80.125.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ivccf.ivcbrasil.org.br/i?stm=1646790367868&e=pv&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&page=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=9&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=0cf73921-bb9d-4cac-8477-92b4551eac2e&dtm=1646790367866&vp=1600x1200&ds=1600x3071&vid=1&sid=93ae02e5-8057-4940-ae91-f2e248c03b73&duid=82f245e6-8b4f-4bef-bf62-6f6045b9b586&fp=1963076645
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.80.125.235 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-80-125-235.us-west-2.compute.amazonaws.com
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:08 GMT
Server: Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
H2 200 __inventory.gif
query.petametrics.com/v1/ 35 B
93 B 120ms
105ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v1/__inventory.gif?ts=1646790367879&jsk=2v84n8g15c1895dv&jsv=20220216&cu=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&item=%7B%22opinion%22%3A%5B%22true%22%5D%2C%22content_tier%22%3A%5B%22metered%22%5D%2C%22location%22%3A%5B%22country%3Abrazil%22%5D%2C%22tag%22%3A%5B%5D%2C%22type%22%3A%5B%22website%22%5D%2C%22site_name%22%3A%5B%22Blogs%20O%20Globo%22%5D%2C%22url%22%3A%5B%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%22%5D%2C%22image%22%3A%5B%22https%3A%2F%2Fi.glbimg.com%2Fog%2Fig%2Finfoglobo1%2Ff%2Foriginal%2F2022%2F03%2F03%2Fmoscow-g3d80f41d9_1920.jpg%22%5D%2C%22title%22%3A%5B%22Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%22%5D%2C%22description%22%3A%5B%22%20Depois%20de%20virar%20p%C3%A1ria%20do%20mercado%20financeiro%20internacional%2C%20a%20R%C3%BAssia%20foi%20retirada%20do%20principal%20%C3%ADndice%20de%20ativos%20de%20mercados%20emergentes%20do%20mundo%2C%20o%20...%22%5D%2C%22locale%22%3A%5B%22pt_BR%22%5D%2C%22id%22%3A%5B%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%22%5D%2C%22authors%22%3A%5B%22Rennan%20Setti%22%5D%2C%22category%22%3A%5B%22blogs-capital%22%5D%2C%22content_type%22%3A%5B%22post%22%5D%2C%22image145%22%3A%5B%22https%3A%2F%2Fs2.glbimg.com%2FLI-TZnPDlEMKCqAKffH8D2kHJgY%3D%2F145x87%2Fsmart%2Fi.glbimg.com%2Fog%2Fig%2Finfoglobo1%2Ff%2Foriginal%2F2022%2F03%2F03%2Fmoscow-g3d80f41d9_1920.jpg%22%5D%2C%22image105%22%3A%5B%22https%3A%2F%2Fs2.glbimg.com%2FrkquQ_-9TiTS2ZYJAUlHNl38BsE%3D%2F105x105%2Fsmart%2Fi.glbimg.com%2Fog%2Fig%2Finfoglobo1%2Ff%2Foriginal%2F2022%2F03%2F03%2Fmoscow-g3d80f41d9_1920.jpg%22%5D%2C%22published_time%22%3A%5B%222022-03-03T13%3A37%3A04-03%3A00%22%5D%2C%22modified_time%22%3A%5B%222022-03-03T13%3A37%3A44-03%3A00%22%5D%2C%22section%22%3A%5B%22Capital%22%5D%2C%22protected%22%3A%5B%220%22%5D%2C%22teaser%22%3A%5B%220%22%5D%2C%22sponsored%22%3A%5B%220%22%5D%7D&ttl=0
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 __activity.gif
query.petametrics.com/v3/2v84n8g15c1895dv/a60507ed-5a2e-4928-cb23-85d3b1f59d41/ 35 B
175 B 119ms
104ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/2v84n8g15c1895dv/a60507ed-5a2e-4928-cb23-85d3b1f59d41/__activity.gif?e=pageview&ct=Quanto+o+Brasil+deve+receber+em+investimentos+ap%C3%B3s+R%C3%BAssia+virar+p%C3%A1ria%3F+O+Ita%C3%BA+fez+a+conta++%7C+Capital+-+O+Globo&ccu=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&tspl=5873&blst=5638&ist=5865&iet=5871&bdst=5638&bdet=5676&bcttt=10&ts=1646790367882&jsk=2v84n8g15c1895dv&jsv=20220216&cu=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&uid=a60507ed-5a2e-4928-cb23-85d3b1f59d41&sid=c77d978b-9553-4fd4-dfd6-0d08adbb674d&pvid=4796cdd5-4e16-4f30-ed22-6f88efff04ad&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F99.0.4844.51+Safari%2F537.36&l=en-US&os=Linux+x86_64&cet=4g&crtt=-1&cdl=9.6&saveData=false&ctyp=unknown&tzo=0&sdk=bc-pixel
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 09 Mar 2022 01:46:07 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 whatsapp_image_2022-03-04_at_14.50.08.jpeg
s2.glbimg.com/NAuRldicuB4UyqouXQ-zeOHk4Z8=/146x87/i.glbimg.com/og/ig/infoglobo1/f/original/2022/03/08/ 5 KB
5 KB 357ms
356ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/NAuRldicuB4UyqouXQ-zeOHk4Z8=/146x87/i.glbimg.com/og/ig/infoglobo1/f/original/2022/03/08/whatsapp_image_2022-03-04_at_14.50.08.jpeg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: b3a9e7bc679ebc116c840af5c76289c60568f0d2164d5eab8cd49653df63ad98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
via: 2.0 CachOS
x-bip: 156276336 ra03 11 08
age: 13485
etag: "3e62aeb5da8f9a8fce18669bec4248d10b723907"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB1D01A
access-control-allow-headers: Content-Type
content-length: 5132
x-request-id: 4ab75847-e743-4ee5-8678-d96450f226d7
expires: Thu, 07 Apr 2022 21:44:47 GMT

GET
H2 200 onibus6.jpg
s2.glbimg.com/NblKzwu-04vAQCfvbS6ydqX4ymw=/146x87/i.glbimg.com/og/ig/infoglobo1/f/original/2021/06/08/ 4 KB
4 KB 357ms
357ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/NblKzwu-04vAQCfvbS6ydqX4ymw=/146x87/i.glbimg.com/og/ig/infoglobo1/f/original/2021/06/08/onibus6.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 61893073acff79dc0fd35e21b2f6c9c0d236df8aae52415bd204838a0df6ed23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
via: 2.0 CachOS
x-bip: 151447897 ra03 11 08
age: 30346
etag: "ce4873450b1ee994fb76cc5a3d7a1df45118ed20"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB1D01A
access-control-allow-headers: Content-Type
content-length: 3994
x-request-id: 173856a6-d307-4b88-aec8-e8ca811cb806
expires: Thu, 07 Apr 2022 17:09:57 GMT

GET
H2 200 captura_de_tela_2022-03-07_as_20.37.12.png
s2.glbimg.com/7D5Du9dJ9Kif1gdNROmZPyN9pLQ=/146x87/i.glbimg.com/og/ig/infoglobo1/f/original/2022/03/07/ 12 KB
12 KB 357ms
356ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/7D5Du9dJ9Kif1gdNROmZPyN9pLQ=/146x87/i.glbimg.com/og/ig/infoglobo1/f/original/2022/03/07/captura_de_tela_2022-03-07_as_20.37.12.png
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 3f4f66e22dab29237c5e1622824ddda3aeb3f5014d7703cc218aea81dabfa465

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
via: 2.0 CachOS
x-bip: 140428859 ra03 11 08
age: 40613
etag: "c521b9195e0bb5374d4da6c52fa5273fd87a10bb"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB1D01A
access-control-allow-headers: Content-Type
content-length: 11936
x-request-id: 4a03f249-9fe5-47eb-844a-4c83b6819be7
expires: Thu, 07 Apr 2022 14:01:42 GMT

GET
H2 200 1_r-6wcuvnwgpsyftmekvdoa.png
s2.glbimg.com/D6Mx-_PoRcWOOnKO7V3lxjaMCOM=/146x87/i.glbimg.com/og/ig/infoglobo1/f/original/2022/03/06/ 3 KB
3 KB 357ms
357ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/D6Mx-_PoRcWOOnKO7V3lxjaMCOM=/146x87/i.glbimg.com/og/ig/infoglobo1/f/original/2022/03/06/1_r-6wcuvnwgpsyftmekvdoa.png
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 8ffc333105d525caac0e30a94b5cdc554f1f641d0f45beb775a9042990dd383f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
via: 2.0 CachOS
x-bip: 156798145 ra03 11 08
age: 47821
etag: "ff9be7b682472f79d9c828db5e973a9a5fe4fb31"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB1D01A
access-control-allow-headers: Content-Type
content-length: 3004
x-request-id: e65218a0-97c7-4b38-a4ed-fb5fb4dfb1d7
expires: Thu, 07 Apr 2022 12:01:52 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1064234515/ 3 KB
2 KB 42ms
19ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1064234515/?random=1646790367900&cv=9&fst=1646790367900&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&ig=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tiba=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4dbc405e3c1f51657d1ef5324581cdbcc3829ec6eca3536ac0d74c7bca94113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1245
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/984971963/ 3 KB
1 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984971963/?random=1646790367902&cv=9&fst=1646790367902&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&ig=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tiba=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3232f18167d1af8f6deebdc288e207218b49505dcacec946d294f8bedd5015df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 miriam-leitao.png
s2.glbimg.com/7Ky4lKfrK9Wsam9iqy8yeU8pyKI=/fit-in/200x200/i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/ 10 KB
11 KB 337ms
336ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/7Ky4lKfrK9Wsam9iqy8yeU8pyKI=/fit-in/200x200/i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/miriam-leitao.png
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: e48c4b620fe624c0f4a9805a028ed523a079652ab6db9567e254b91da323e0df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
via: 2.0 CachOS
x-bip: 152430920 ra03 11 08
age: 1917395
etag: "65279e0bb3f918ad45fc3fc0ce8aad88ccc4018b"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB1D01A
access-control-allow-headers: Content-Type
content-length: 10726
x-request-id: 9a5fb588-f895-4025-971d-b6af631105d9
expires: Wed, 16 Mar 2022 21:09:32 GMT

GET
H2 200 portugal-giro.png
s2.glbimg.com/HGrIJx_6FPwAUS0fZf8FUhsQrkQ=/fit-in/200x200/i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/ 11 KB
11 KB 337ms
336ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2.glbimg.com/HGrIJx_6FPwAUS0fZf8FUhsQrkQ=/fit-in/200x200/i.glbimg.com/og/ig/infoglobo1/f/original/blog/image_blogueiro/portugal-giro.png
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 382bcc195ebda71fb88d062a2f285f5a9e1732e991c4182809eab8084bb1da43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
via: 2.0 CachOS
x-bip: 152035155 ra03 11 08
age: 1917457
etag: "9616a79a8b3b667e73a6a69cd131356b4a433def"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000,public
accept-ranges: bytes
x-thanos: 0AB1D01A
access-control-allow-headers: Content-Type
content-length: 11404
x-request-id: ae38fa1b-a0ff-4138-bfc0-0fe8965b885c
expires: Wed, 16 Mar 2022 21:08:30 GMT

GET
H2 403 adsct
analytics.twitter.com/i/ 0
0 127ms
108ms Script
text/plain 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=l67dw&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=13eadcd1-7afa-4644-bf86-d64d53a5fe58&tw_document_href=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/oct.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 102
date: Wed, 09 Mar 2022 01:46:08 UTC
cache-control: no-cache, no-store, max-age=0
server: tsa_o
x-connection-hash: 4c7c26246da604fcd3725dbf1cedc75857156dadd45e87bab96572b8e943f5f1
content-length: 0
strict-transport-security: max-age=631138519

GET
H2 200 adsct
t.co/i/ 43 B
337 B 133ms
117ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=l67dw&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=13eadcd1-7afa-4644-bf86-d64d53a5fe58&tw_document_href=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 110
date: Wed, 09 Mar 2022 01:46:07 GMT
server: tsa_o
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 8753806d91471371e16ebdd2fb76c9eb49c0ed47fdc12d7b77f8afd895f4e232
content-length: 43

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 40ms
17ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51216819-11&cid=1379110946.1646790368&jid=92611532&_u=YGBAgEABAAAAAE~&z=628939026

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 39ms
18ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51216819-11&cid=1379110946.1646790368&jid=92611532&_u=YGBAgEABAAAAAE~&z=628939026

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
466 B 35ms
14ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 horizon-client-js.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 11 KB
4 KB 236ms
236ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-client-js.min.js
Requested by: Host: s.glbimg.com
URL: https://s.glbimg.com/bu/rt/js/glb-pv-min.js?utv=201810192058
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: gzip
x-openstack-request-id: txfba49ffb98df40a7afc65-00622804ac
last-modified: Fri, 13 Nov 2020 17:21:38 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1605288097.88717
cache-control: public, max-age=600
x-trans-id: txfba49ffb98df40a7afc65-00622804ac
x-request-id: 251a399c-5311-44a4-adc7-8b76dd97e5d9

GET
H2 200 cadun.js Show response
s.glbimg.com/pc/ca/ 14 KB
6 KB 227ms
226ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/ca/cadun.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/profiling.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 925564914 ra09 20 05
age: 535866
content-length: 5547
x-xss-protection: 1; mode=block
x-request-id: 77440679-ce90-4a1e-b036-8288a95a9f31
last-modified: Wed, 27 Jan 2021 20:50:06 GMT
x-thanos: 0AB4D005
etag: W/"6011d1fe-3759"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 20:55:01 GMT

GET
H2 200 tv4.min.js Show response
s3.glbimg.com/cdn/libs/tv4/1.3.0/ 28 KB
10 KB 233ms
233ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/libs/tv4/1.3.0/tv4.min.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: gzip
x-openstack-request-id: txc7fafcd9d7ec4a6984002-00619540bc
last-modified: Fri, 25 May 2018 14:11:50 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
content-type: application/javascript
x-timestamp: 1527257509.32548
cache-control: public, max-age=31536000
x-trans-id: txc7fafcd9d7ec4a6984002-00619540bc
x-request-id: 1f1b6fb6-3008-4f6d-b33a-6cf85d532b63

GET
H3 200 410270039520634 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/410270039520634?v=2.9.55&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d09e94db96acb4c513ae0008417ee87a4e6eb342fefb29da4ec4419573f6d0f7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89132
x-xss-protection: 0
pragma: public
x-fb-debug: muM7G7I/qs9/ckxjzYaUi3hQaID0NwKxNxvkKK7RvrSOnUIm9KBTS9MVjbOJLgdL1/zWjlzUQ72rnbsdJqV2HQ==
x-frame-options: DENY
date: Wed, 09 Mar 2022 01:46:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=792893547449051&ev=PageView&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&rl=&if=false&ts=1646790367963&sw=1600&sh=1200&v=2.9.55&r=stable&ec=0&o=30&fbp=fb.1.1646790367961.1756370098&it=1646790367771&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 09 Mar 2022 01:46:07 GMT

GET
H2 200 utag.114.js Show response
tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/ 6 KB
2 KB 15ms
14ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.114.js?utv=202001231859
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cf8524fe3df4089aaccb94904c865d32a9296371f3595b8d20828501739ac66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
last-modified: Fri, 08 Jan 2021 14:46:46 GMT
server: AkamaiNetStorage
etag: "9c019eda3facc81fb1d1142a818a7811:1610117206.926317"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2153
expires: Thu, 24 Mar 2022 01:46:07 GMT

GET
H2 200 utag.159.js Show response
tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/ 1 KB
927 B 16ms
16ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.159.js?utv=201911252026
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a7c39868fc1fc707911067e2198b65860f351942aa5fdca625d52b24de8545bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
last-modified: Fri, 08 Jan 2021 14:46:45 GMT
server: AkamaiNetStorage
etag: "cc2306e0f9a6ea18b631d36b225520c0:1610117205.684899"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 698
expires: Thu, 24 Mar 2022 01:46:07 GMT

GET
H2 200 glb-pv-min.js Show response
s.glbimg.com/bu/rt/js/ 2 KB
1 KB 227ms
227ms Script
application/x-javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/bu/rt/js/glb-pv-min.js

Requested by

Host: barra.globo.com
URL: https://barra.globo.com/gl/ba/oidcprodutos/js/barra-globocom.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 929671456 ra09 20 05
age: 864
content-length: 969
x-xss-protection: 1; mode=block
x-request-id: 0456288d-674d-4ab3-a4aa-2415d2d7f739
last-modified: Mon, 04 Feb 2019 16:44:48 GMT
x-thanos: 0AB4D005
etag: W/"5c586c00-703"
vary: Accept-Encoding, Origin
content-type: application/x-javascript
via: 2.0 CachOS
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 09 Mar 2022 02:31:43 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6035227/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
350 B

7ms
7ms

Script
application/javascript

13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:26:44 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 1165
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: wyrW6fZaGScFywSsoxGMzXO8mnJv9V-_OMbtbgVAf01O0Qhiy4M8BA==

Redirect headers

date: Wed, 09 Mar 2022 01:46:08 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-c2/default/cs.js
content-length: 48
x-amz-cf-id: p9Bohl1lW4TnVnsqDMsqU0CxLh14prhtkBE7211u-LE5knSidhoyow==

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=6035227&ns__t=1646790367979&ns_c=UTF-8&c8=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%...
https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1646790367979&ns_c=UTF-8&c8=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O...

64 B
330 B

8ms
8ms

Image
image/gif

13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1646790367979&ns_c=UTF-8&c8=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&c7=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&c9=
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: GbYaVKUWFEK-orBYvInxeW7U3Bf3jF8AyWqUdz4g1s266h0MxTtRjA==

Redirect headers

date: Wed, 09 Mar 2022 01:46:08 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1646790367979&ns_c=UTF-8&c8=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&c7=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&c9=
content-length: 510
x-amz-cf-id: p450tgQO6sKPsSTC5WG2ajkpEtsj2Ok-EXGTOS7Hpt3ivCe5c8IlXg==

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 41ms
20ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-51216819-1&cid=1379110946.1646790368&jid=2086853796&gjid=1574834321&_gid=108904428.1646790368&_u=YGDAgEABAAQCAE~&z=290926946

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 09 Mar 2022 01:46:08 GMT
content-type: text/plain
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1775462010&t=pageview&_s=1&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&dp=%2Feconomia%2Fblogs%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&ul=en-us&de=UTF-8&dt=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAQCAE~&jid=2086853796&gjid=1574834321&cid=1379110946.1646790368&tid=UA-51216819-1&_gid=108904428.1646790368&gtm=2wg37055NG4R&cd1=%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&cd2=&cd3=&cd4=20220303&cd5=13&cd6=&cd7=Rennan%20Setti&cd8=N%C3%A3o&cd9=post&cd10=N%C3%A3o&cd45=Campanha%20-%20newsletter%20%2F%20email&cd46=semente&cd49=economia&cd60=N%C3%A3o&cd82=responsivo&cm1=0&cm2=1&cm3=1487&z=2008954990

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 10:12:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56037
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1064234515/ 42 B
64 B 41ms
24ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1064234515/?random=1646790367900&cv=9&fst=1646787600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tiba=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&async=1&fmt=3&is_vtc=1&random=3813003808&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1064234515/ 42 B
64 B 37ms
21ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1064234515/?random=1646790367900&cv=9&fst=1646787600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tiba=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&async=1&fmt=3&is_vtc=1&random=3813003808&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/984971963/ 42 B
64 B 37ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/984971963/?random=1646790367902&cv=9&fst=1646787600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tiba=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&async=1&fmt=3&is_vtc=1&random=1302324938&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/984971963/ 42 B
64 B 35ms
19ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/984971963/?random=1646790367902&cv=9&fst=1646787600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&data=google_custom_params%3Dwindow.google_tag_params%3Bgoogle_remarketing_only%3Dtrue&frm=0&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tiba=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&async=1&fmt=3&is_vtc=1&random=1302324938&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 38ms
14ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.114.js?utv=202001231859

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3e03356c9dcc487b194fa5d0ae3b43d578c114aeb8225ef28d8d44d4432aac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27774
x-xss-protection: 0
server: sffe
etag: "1154 / 842 of 1000 / last-modified: 1646780693"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 09 Mar 2022 01:46:08 GMT

GET
H2 200 sexqhznbn.js Show response
cdn.krxd.net/controltag/ 75 KB
21 KB 26ms
8ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.159.js?utv=201911252026
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5eb0c95f0d7179c64baa27e947a3e78dc669a72397f690adfec421d751cf3446

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Wed, 09 Mar 2022 01:46:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 161
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 20776
x-served-by: config-service-a004-ash-prod.krxd.net, cache-iad-kjyo7100035-IAD, cache-hhn4076-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1646790368.083537,VS0,VE0
etag: "5de8f588c1acbc44ba73a5864b7b57b763c894e2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 5

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 7ms
6ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=globo/infoglobo.oglobo/202203041504&cb=1646790368003
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Wed, 09 Mar 2022 01:56:08 GMT

GET
H2 200 15688-pbjs-floors.json Show response
ads.rubiconproject.com/floors/ 62 KB
5 KB 13ms
9ms XHR
application/json 2.19.35.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/floors/15688-pbjs-floors.json
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-35-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 499124536b9ce87a72cd94fe09eb47ff43e76816b293f3ff90f21113e6c63d85

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: gzip
last-modified: Wed, 09 Mar 2022 00:41:01 GMT
server: Apache
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1500
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 5404

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 32ms
17ms XHR
application/json 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220309

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87bfbda6a39ce7ea80accdd34f44fd40136aea34de371e01e2d7d851a8c530cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20648
x-jsd-version: 1.0.1275
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19125-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"66d-WzFUWmLiQVcWM4xayPCMmHf7aV0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6e9022982e950229-ZRH

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410270039520634&ev=PageView&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&rl=&if=false&ts=1646790368031&sw=1600&sh=1200&v=2.9.55&r=stable&ec=0&o=30&fbp=fb.1.1646790367961.1756370098&it=1646790367771&coo=false&tm=1&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 09 Mar 2022 01:46:08 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410270039520634&ev=ViewContent&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&rl=&if=false&ts=1646790368032&sw=1600&sh=1200&v=2.9.55&r=stable&ec=1&o=30&fbp=fb.1.1646790367961.1756370098&it=1646790367771&coo=false&tm=1&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 09 Mar 2022 01:46:08 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410270039520634&ev=ContentData&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&rl=&if=false&ts=1646790368035&cd[idMateria]=%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&cd[dtPublicacao]=20220303&cd[tipoConteudo]=post&cd[conteudoExclusivo]=N%C3%A3o&cd[topicos]=&sw=1600&sh=1200&v=2.9.55&r=stable&ec=2&o=30&fbp=fb.1.1646790367961.1756370098&it=1646790367771&coo=false&tm=2&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 09 Mar 2022 01:46:08 GMT

OPTIONS
H2 204 function-hermes
us-central1-white-list-566.cloudfunctions.net/ Frame 0
0 149ms
126ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-white-list-566.cloudfunctions.net/function-hermes
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://blogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-max-age: 3600
content-type: text/html; charset=utf-8
function-execution-id: zfw9w7pdwde1
x-cloud-trace-context: 8a19154ce60278a23739377ec4d9e74e
date: Wed, 09 Mar 2022 01:46:08 GMT
server: Google Frontend
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 1.tiny.js Show response
static.infoglobo.com.br/paywall/js/ 27 KB
5 KB 225ms
224ms Script
text/javascript 201.7.177.167
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/1.tiny.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: Apache /
Resource Hash: a0b4ba1e324e044ece6be49b1920184bf4d9250689e1bb2fc551f5d2ae2fe003

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:20:24 GMT
Content-Encoding: gzip
Age: 1543
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 4558
Last-Modified: Wed, 23 Feb 2022 18:37:48 GMT
Server: Apache
ETag: "a03d77f0-6b23-5d8b3c320b700"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: public, max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 9559

GET
H/1.1 200
OK 17.tiny.js Show response
static.infoglobo.com.br/paywall/js/ 6 KB
2 KB 442ms
224ms Script
text/javascript 201.7.177.167
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/17.tiny.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: Apache /
Resource Hash: ad60ae41b6900e1f42ff17b3a4fa05d0c5dd7b88470e1bff9dd4fbd7ccbce98b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:20:08 GMT
Content-Encoding: gzip
Age: 1545
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 1885
Last-Modified: Wed, 23 Feb 2022 18:37:48 GMT
Server: Apache
ETag: "a0615f34-16bd-5d8b3c320b700"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: public, max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
X-Cache-Hits: 9670

POST
H3 200 function-hermes Show response
us-central1-white-list-566.cloudfunctions.net/ 29 B
67 B 233ms
218ms Fetch
application/json 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-white-list-566.cloudfunctions.net/function-hermes
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: d5229b2bfadd599d39120f6ff602363038f3a840e0aece62865636f1ac30872f

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: gzip
server: Google Frontend
content-type: application/json
access-control-allow-origin: https://blogs.oglobo.globo.com
x-cloud-trace-context: a9063ef6f4c9cfcb81a2a591ca2a2574
cache-control: private
access-control-allow-credentials: true
function-execution-id: hh4fk858sgdb
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 18ms
17ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51216819-1&cid=1379110946.1646790368&jid=2086853796&_u=YGDAgEABAAQCAE~&z=1446441525

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 19ms
19ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51216819-1&cid=1379110946.1646790368&jid=2086853796&_u=YGDAgEABAAQCAE~&z=1446441525

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 events
api.deep.bi/v1/streams/EJntYTLE3eKP/ Frame 0
0 55ms
54ms Preflight 2606:4700:10::6816:29b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:29b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://blogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e9022989c32cc4e-ZRH

GET
H2 200 events Show response
api.deep.bi/v1/streams/EJntYTLE3eKP/ 16 B
580 B 82ms
58ms XHR
text/plain 2606:4700:10::6816:29b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Requested by

Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:29b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5973872af9bda3a00d7f8603de773ff917c4a91ed4a9bfb3c1878b8c43509b0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Authorization: bearer Da16NqKwj2619hxwdhdGH9u1
Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 6e9022991f2101f8-ZRH
pragma: no-cache
date: Wed, 09 Mar 2022 01:46:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
p3p: policyref="http://api.deep.bi/w3c/p3p.xml", CP="ADMa DEVa TAIa PSAa PSDa OUR IND DSP NON COR"
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain; charset=utf-8
content-length: 16
expires: 0

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
78 B 143ms
142ms Script
application/x-javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=105963c12141cf5829222d829310&acc=13574&url=https%3A//blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tit=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%F3s%20R%FAssia%20virar%20p%E1ria%3F%20O%20Ita%FA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&h1=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%F3s%20R%FAssia%20virar%20p%E1ria%3F%20O%20Ita%FA%20fez%20a%20conta
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6e902298cac12325-ZRH
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript

GET
H2 204 usermatch.gif Show response
beacon.krxd.net/ 0
338 B 90ms
28ms Script
text/plain 99.80.96.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=105963c12141cf5829222d829310
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.96.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-96-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
cache-control: private, no-cache, no-store
x-request-time: D=38 t=1646790368
x-served-by: beacon-n006-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 pubads_impl_2022030301.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
122 KB 21ms
6ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 21:48:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14258
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124636
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:34:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Mar 2023 21:48:30 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1013 B
355 B 29ms
15ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7e79043f871892989bbb3093827fea0667f5990b95f4b435a6a44376270c4f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
expires: Wed, 09 Mar 2022 01:46:08 GMT

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 6ms
6ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: gzip
age: 3377896
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 3306220
content-length: 84509
x-served-by: cache-hhn4076-HHN
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1646790368.136885,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame C44B 805 B
826 B 6ms
6ms Document
text/html 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Mar 2022 01:46:08 GMT
via: 1.1 varnish
age: 2514122
x-served-by: cache-hhn4076-HHN
x-cache: HIT
x-cache-hits: 584079
x-timer: S1646790368.177631,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 31ms
13ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Origin: https://blogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
server: ATS/9.1.0.33
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
344 B 70ms
30ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:07 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
836 B 43ms
15ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

nginx/1.21.3 /

Resource Hash

3e72051face9eaa7f106556e51543fe042c2575c63eb2b3f7d931333e4b0dedf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:08 GMT
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 60f8fe60-5d13-487a-9cc8-9fd99f0ace99
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 102ms
67ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=280410&zone_id=1398996&size_id=16&eid_pubcid.org=05bcd4b4-085c-44fe-8178-5e581c77db85%5E1&rf=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tg_i.adunit=info.web.oglobo%2Feconomia%2Fblog%2Fcapital&tg_i.page_name=post&tg_i.platform=desktop&tg_i.aupname=%2F85042905.*%26pub-box-materia.*&tg_i.dfp_ad_unit_code=85042905%2Finfo.web.oglobo%2Feconomia%2Fblog%2Fcapital&tg_i.pbadslot=85042905%2Finfo.web.oglobo%2Feconomia%2Fblog%2Fcapital&tk_flint=dmpbjs_v5.20.0&x_source.tid=ea9dc5cd-97d0-4099-9c66-14a7d755ea9c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4698394805649053
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: d4e7f51752ed023acc6c08cf68b0040132947396dc8a4aba324f50b7edd71e5f

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:08 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 1894
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
319 B 71ms
35ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.0&cb=39611539382

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 01:46:07 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
301 B 124ms
103ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: e283fe5e269aad6e4940696cd0ca3715c32e9a5ebf7bc3ac96fd7e3b4b38f42d

Request headers

Referer: https://blogs.oglobo.globo.com/
x-openrtb-version: 2.5
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
content-length: 66

GET
H2 200 5007d44e-09d1-49b7-8c99-6b1cc38c3cbc Show response
consumer.krxd.net/consent/get/ 220 B
424 B 63ms
40ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0b5019ce9830a8680a33b28ebf4c79ec55c67921e2090a8b9fd7b01864497205

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a004-dub-prod.krxd.net, cache-hhn4082-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1646790368.270493,VS0,VE29
content-length: 185
x-cache-hits: 0, 0

GET
H2 200 horizon-pageview
horizon.globo.com/auth-session/activity/blogs/ 0
322 B 595ms
196ms Image
text/plain 35.215.248.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horizon.globo.com/auth-session/activity/blogs/horizon-pageview?object=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&Referrer=&tags=&client_version=0.3.11

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.215.248.162 São Paulo, Brazil, ASN15169 (GOOGLE, US),

Reverse DNS

162.248.215.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
x-served-from: hzt-tsuru
content-length: 0
strict-transport-security: max-age=60
content-type: text/plain; charset=UTF-8

POST
H2 204 events Show response
api.deep.bi/v1/streams/EJntYTLE3eKP/ 0
34 B 66ms
66ms XHR
text/plain 2606:4700:10::6816:29b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Requested by

Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:29b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
Authorization: bearer Da16NqKwj2619hxwdhdGH9u1
Content-Type: application/json

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
cf-ray: 6e902299ffa301f8-ZRH

OPTIONS
H2 204 events
api.deep.bi/v1/streams/EJntYTLE3eKP/ Frame 0
0 57ms
56ms Preflight 2606:4700:10::6816:29b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:29b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://blogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e9022999c8fcc4e-ZRH

GET
H2 200 sexqhznbn.js Show response
cdn.krxd.net/controltag/ Frame C44B 75 KB
21 KB 18ms
11ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5eb0c95f0d7179c64baa27e947a3e78dc669a72397f690adfec421d751cf3446

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Wed, 09 Mar 2022 01:46:08 GMT
via: 1.1 varnish, 1.1 varnish
age: 161
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 20776
x-served-by: config-service-a004-ash-prod.krxd.net, cache-iad-kjyo7100035-IAD, cache-hhn4076-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1646790368.270389,VS0,VE0
etag: "5de8f588c1acbc44ba73a5864b7b57b763c894e2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 6

GET
H2 200 schemas Show response
horizon-schemas.globo.com/ 115 KB
11 KB 752ms
224ms XHR
application/json 186.192.81.117
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://horizon-schemas.globo.com/schemas

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.81.117 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-81-117.prt.globo.com

Software

Resource Hash

205f829321df9fe22b15f5e4047370daaaa068193dac04c4bb4eca67d2960c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 748667530 ra09 20 14
age: 1749
vary: X-Forwarded-Proto, Accept-Encoding, Origin
content-length: 11250
x-xss-protection: 1; mode=block
x-request-id: a7f737cc-5f4c-4be5-b2c2-32f5a16c22f8
access-control-allow-origin: https://blogs.oglobo.globo.com
x-thanos: 0AB4D017
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/json; charset=UTF-8
via: 2.0 CachOS
cache-control: max-age=7200, public
accept-ranges: bytes

GET
H2 200 login.css
s.glbimg.com/pc/ca/ 846 B
837 B 236ms
233ms Stylesheet
text/css 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/ca/login.css

Requested by

Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-bip: 928272521 ra09 20 05
age: 446944
content-length: 431
x-xss-protection: 1; mode=block
x-request-id: 3695b848-4f65-439a-9db8-14822afc40b2
last-modified: Wed, 27 Jan 2021 20:50:06 GMT
x-thanos: 0AB4D005
etag: W/"6011d1fe-34e"
vary: Accept-Encoding, Origin
content-type: text/css
via: 2.0 CachOS
cache-control: max-age=604800
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Thu, 10 Mar 2022 21:37:03 GMT

POST
H2 200 logged Show response
cocoon.globo.com/v2/user/ 189 B
702 B 681ms
230ms XHR
application/json 201.7.182.243
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://cocoon.globo.com/v2/user/logged
Requested by: Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 201.7.182.243 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: /
Resource Hash: d47be27f59514c9a16b367bf94db9f5a748fbd1065426e640437724e03d25e4a

Request headers

Referer: https://blogs.oglobo.globo.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: gzip
x-thanos: 0A8490A3
vary: Accept-Encoding
access-control-allow-methods: POST, OPTIONS
p3p: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
x-request-id: d3f70b64-7110-40e2-99e2-e957c7dc9a24

OPTIONS
H2 204 logged
cocoon.globo.com/v2/user/ Frame 0
0 748ms
225ms Preflight 201.7.182.243
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://cocoon.globo.com/v2/user/logged
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 201.7.182.243 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
Origin: https://blogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods: POST, OPTIONS
access-control-allow-credentials: true
x-request-id: 7b32f354-9fd2-422c-ac29-bb455e465048
x-thanos: 0A83D0A7

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ Frame C44B 259 KB
83 KB 7ms
6ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: gzip
age: 3377896
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 3306221
content-length: 84509
x-served-by: cache-hhn4076-HHN
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1646790368.283322,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 74ms
27ms Script
application/javascript 2606:4700:3030::6815:5476
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/1.tiny.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:5476 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1721
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 44JNMB61M3NVDQKK
x-amz-id-2: n9/fJYyUwQqyGHt94QiuaMjG/+keiOaV3UAEUov0/Y2PlXPsklPLoQdY/zJ1LA3yK3lbD8pg5mI=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfdOkuH3S6VRxKJVvZdY0JRSjuOHZUujR9cIqOY6McpgsbiqeikK6gaNudcX0Cnd1%2BomkanyQMymEDs62uxSSEbCskT3dwkhKOZxvnlSvM%2BKu1DShYKYy5XULManrqBofiI3YtRYbxS33T5Jnwk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray: 6e90229a3ff083af-MXP

GET
H2 200 5007d44e-09d1-49b7-8c99-6b1cc38c3cbc Show response
consumer.krxd.net/consent/get/ Frame C44B 220 B
260 B 17ms
17ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0b5019ce9830a8680a33b28ebf4c79ec55c67921e2090a8b9fd7b01864497205

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a004-dub-prod.krxd.net, cache-hhn4082-HHN
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1646790368.330270,VS0,VE0
content-length: 185
x-cache-hits: 0, 1

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C44B
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=google
https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3ROREE1ZV8
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEDesqNGLycErD4aCkmMF3Iw&google_cver=1

0
337 B

31ms
30ms

Image
text/plain

99.80.96.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEDesqNGLycErD4aCkmMF3Iw&google_cver=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 99.80.96.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-96-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1646790368
x-served-by: beacon-n007-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEDesqNGLycErD4aCkmMF3Iw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C44B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3ROREE1ZV8
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEDesqNGLycErD4aCkmMF3Iw&google_cver=1

0
337 B

31ms
26ms

Image
text/plain

99.80.96.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEDesqNGLycErD4aCkmMF3Iw&google_cver=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 99.80.96.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-96-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
cache-control: private, no-cache, no-store
x-request-time: D=29 t=1646790368
x-served-by: beacon-n021-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEDesqNGLycErD4aCkmMF3Iw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C44B
Redirect Chain

https://stags.bluekai.com/site/26357?id=OtNDA5e_&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOtNDA5e_%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
https://beacon.krxd.net/usermatch.gif?_kuid=OtNDA5e_&partner=bluekai&bk_uuid=$_BK_UUID

0
337 B

35ms
34ms

Image
text/plain

99.80.96.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?_kuid=OtNDA5e_&partner=bluekai&bk_uuid=$_BK_UUID
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 99.80.96.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-96-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1646790368
x-served-by: beacon-n020-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://beacon.krxd.net/usermatch.gif?_kuid=OtNDA5e_&partner=bluekai&bk_uuid=$_BK_UUID
Date: Wed, 09 Mar 2022 01:46:08 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C44B
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://gum.criteo.com/sync?s=1&c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=PW9KC3IYM5oz_uj-0iTCrgJHsqfxoSD3

0
337 B

59ms
56ms

Image
text/plain

99.80.96.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=PW9KC3IYM5oz_uj-0iTCrgJHsqfxoSD3
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 99.80.96.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-96-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
cache-control: private, no-cache, no-store
x-request-time: D=26 t=1646790368
x-served-by: beacon-n012-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=PW9KC3IYM5oz_uj-0iTCrgJHsqfxoSD3
date: Wed, 09 Mar 2022 01:46:07 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 3746
content-length: 218
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2 200 p
sb.scorecardresearch.com/ Frame C44B 64 B
441 B 11ms
10ms Image
image/gif 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OtNDA5e_&rn=1646790368
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 1fAOcX7EOTGfIakFOEBJSVVF8uCuug9bDsYcqVqprI_s17pLlNxCxw==

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C44B
Redirect Chain

https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=OtNDA5e_&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=OtNDA5e_&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D
https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=12555411306036106841711287899037149146

0
337 B

34ms
34ms

Image
text/plain

99.80.96.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=12555411306036106841711287899037149146
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 99.80.96.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-96-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
cache-control: private, no-cache, no-store
x-request-time: D=27 t=1646790368
x-served-by: beacon-n003-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

DCS: dcs-prod-irl1-2-v029-0dcaa8f08.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: BeC4RPxCRQI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=12555411306036106841711287899037149146
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C44B
Redirect Chain

https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fadnxs_uid%3D%24UID
https://beacon.krxd.net/usermatch.gif?adnxs_uid=3029798555364290854

0
337 B

75ms
75ms

Image
text/plain

99.80.96.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?adnxs_uid=3029798555364290854
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 99.80.96.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-96-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
cache-control: private, no-cache, no-store
x-request-time: D=40 t=1646790368
x-served-by: beacon-n016-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:08 GMT
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e5bb610b-d363-46a6-bd58-e14652563b74
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://beacon.krxd.net/usermatch.gif?adnxs_uid=3029798555364290854
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame C44B
Redirect Chain

https://ib.adnxs.com/mapuid?member_id=1780&user=OtNDA5e_
https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember_id%3D1780%26user%3DOtNDA5e_

43 B
844 B

24ms
23ms

Image
image/gif

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember_id%3D1780%26user%3DOtNDA5e_

Requested by

Protocol

HTTP/1.1

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:08 GMT
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9bab78cb-ae1d-40c5-9eae-76d6fcbd4afc
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:08 GMT
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 86121990-8312-413e-91a0-e0d4e85b5eb6
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember_id%3D1780%26user%3DOtNDA5e_
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 379708.gif
idsync.rlcdn.com/ Frame C44B 42 B
416 B 32ms
15ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/379708.gif?partner_uid=OtNDA5e_
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:08 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C44B
Redirect Chain

https://token.rubiconproject.com/token?pid=27384&puid=krux_id&gdpr=0
https://beacon.krxd.net/usermatch.gif?partner=rubicon&partner_uid=L0IWGSG0-19-46XQ&gdpr=0

0
337 B

31ms
27ms

Image
text/plain

99.80.96.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=rubicon&partner_uid=L0IWGSG0-19-46XQ&gdpr=0
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 99.80.96.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-96-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
cache-control: private, no-cache, no-store
x-request-time: D=38 t=1646790368
x-served-by: beacon-n014-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location: https://beacon.krxd.net/usermatch.gif?partner=rubicon&partner_uid=L0IWGSG0-19-46XQ&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

usersync
pixel-sync.sitescout.com/connectors/krux/ Frame C44B
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=sitescout
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OtNDA5e_&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID

0
191 B

118ms
24ms

Image
text/plain

66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OtNDA5e_&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:08 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OtNDA5e_&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID
date: Wed, 09 Mar 2022 01:46:08 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a007-ash-prod.krxd.net

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C44B
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=verizon
https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=OtNDA5e_
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-B86CHBZE2puXYSWDjzEG509bimxfPLC7ag--~A

0
337 B

31ms
30ms

Image
text/plain

99.80.96.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-B86CHBZE2puXYSWDjzEG509bimxfPLC7ag--~A
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 99.80.96.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-96-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
cache-control: private, no-cache, no-store
x-request-time: D=85 t=1646790368
x-served-by: beacon-n015-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Wed, 09 Mar 2022 01:46:08 GMT
via: http/1.1 spdc0101.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8
location: https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-B86CHBZE2puXYSWDjzEG509bimxfPLC7ag--~A
content-length: 0

GET
H2

200

sync
sync.navdmp.com/ Frame C44B
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=navegg
https://sync.navdmp.com/sync?prtid=30&salid=OtNDA5e_

6 B
58 B

147ms
146ms

Image
application/javascript

2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?prtid=30&salid=OtNDA5e_
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6e90229c5c3e2325-ZRH
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

Redirect headers

location: https://sync.navdmp.com/sync?prtid=30&salid=OtNDA5e_
date: Wed, 09 Mar 2022 01:46:08 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a006-ash-prod.krxd.net

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C44B
Redirect Chain

https://sync.1rx.io/usersync/krux/OtNDA5e_?dspret=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync/krux/OtNDA5e_?zcc=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D&cb=1646790368506
https://sync.targeting.unrulymedia.com/csync/RX-ba2d18b8-b0d6-4ef3-8003-92e48b01ce5a-003?redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3DRX-ba2d18b8-b0d6-4...
https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-ba2d18b8-b0d6-4ef3-8003-92e48b01ce5a-003

0
337 B

30ms
30ms

Image
text/plain

99.80.96.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-ba2d18b8-b0d6-4ef3-8003-92e48b01ce5a-003
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 99.80.96.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-96-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
cache-control: private, no-cache, no-store
x-request-time: D=72 t=1646790368
x-served-by: beacon-n022-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=RX-ba2d18b8-b0d6-4ef3-8003-92e48b01ce5a-003
date: Wed, 09 Mar 2022 01:46:08 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXba2d18b8b0d64ef3800392e48b01ce5a003
content-type: text/html

GET getdata.xgi
r.nexac.com/e/ Frame C44B 0
0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 41ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 40ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 347ms
343ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2071666425811617&correlator=756199409798508&eid=31065488%2C21064365%2C31063247%2C44756894%2C31062931%2C44755510&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fif&sc=1&iu_parts=85042905%2Cinfo.web.oglobo%2Ceconomia%2Cblog%2Ccapital&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x90%7C728x90%7C970x250%7C970x150&sfv=1-0-38&ecs=20220309&fsapi=false&prev_scp=Editora.pos%3DTop%26Editora.random%3D6&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie_enabled=1&abxe=1&dt=1646790368410&lmt=1646790368&dlt=1646790363152&idt=5035&biw=1600&bih=1200&oid=2&adxs=315&adys=178&ucis=1&adks=1196243219&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x180&msz=970x150&fws=0&ohw=0&ga_vid=1379110946.1646790368&ga_sid=1646790368&ga_hid=1775462010&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56cd608c2ad62d8012c154b5f23bfa16aeabc9e4de44aca1d87aa75d17184c2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8729
x-xss-protection: 0
google-lineitem-id: 5770128229
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138360598294
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 425 B
258 B 61ms
58ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2071666425811617&correlator=3751082842184611&eid=31065488%2C21064365%2C31063247%2C44756894%2C31062931%2C44755510&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fif&sc=1&iu_parts=85042905%2Cinfo.web.oglobo%2Ceconomia%2Cblog%2Ccapital&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&sfv=1-0-38&ecs=20220309&fsapi=false&prev_scp=Editora.pos%3DDhtml%26Editora.random%3D2&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie_enabled=1&abxe=1&dt=1646790368418&lmt=1646790368&dlt=1646790363152&idt=5035&biw=1600&bih=1200&oid=2&adxs=800&adys=3389&ucis=2&adks=2349485139&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x3388&msz=1600x30&fws=0&ohw=0&ga_vid=1379110946.1646790368&ga_sid=1646790368&ga_hid=1775462010&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5765baf490edd35151e0dfd1397685050ecd8cff6bd87666bd6e4373ad83e754

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 285ms
282ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2071666425811617&correlator=2249734203153152&eid=31065488%2C21064365%2C31063247%2C44756894%2C31062931%2C44755510&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fif&sc=1&iu_parts=85042905%2Cinfo.web.oglobo%2Ceconomia%2Cblog%2Ccapital&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x250&sfv=1-0-38&ecs=20220309&fsapi=false&prev_scp=Editora.pos%3DVitrine&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie_enabled=1&abxe=1&dt=1646790368421&lmt=1646790368&dlt=1646790363152&idt=5035&biw=1600&bih=1200&oid=2&adxs=315&adys=3003&ucis=3&adks=3957576440&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x600&msz=1600x300&fws=0&ohw=0&ga_vid=1379110946.1646790368&ga_sid=1646790368&ga_hid=1775462010&ga_fc=true&btvi=2&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e00bf408bdd63a9c860413c1bd387d6ad7ad86f0eebbf67b74b998bbcc078ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8738
x-xss-protection: 0
google-lineitem-id: 5770128229
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138360598297
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3984 6 KB
4 KB 90ms
16ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 09 Mar 2022 01:46:08 GMT
expires: Thu, 09 Mar 2023 01:46:08 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK oglobo-footer.css
oglobo.globo.com/styles/ 3 KB
2 KB 227ms
224ms Stylesheet
text/css 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/styles/oglobo-footer.css

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/1/scripts/oglobo-footer.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

c036d051096780db5070187516c5277d7f6dc7972d6e92e5b6843c07da4a70a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 19:26:10 GMT
Content-Encoding: gzip
Age: 2441997
grace: none
X-Cache: HIT
Strict-Transport-Security: max-age=15768000
Content-Length: 746
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 13 Jan 2022 13:12:54 GMT
Server: Apache
cache-control: max-age=31535912
X-Frame-Options: SAMEORIGIN
ETag: "a0453365-a1e-5d57671b38180"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
X-Cache-Hits: 170131

POST
H3 200 / Show response
www.facebook.com/tr/ Frame F4C3 0
15 B 11ms
9ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://blogs.oglobo.globo.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Wed, 09 Mar 2022 01:46:08 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame EA80 0
15 B 7ms
6ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://blogs.oglobo.globo.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Wed, 09 Mar 2022 01:46:08 GMT

GET logos.svg
oglobo.globo.com/132/images/ 0
0

GET icons.svg
oglobo.globo.com/132/images/ 0
0

GET logos.svg
oglobo.globo.com/132/images/ 0
0

GET icons.svg
oglobo.globo.com/132/images/ 0
0

GET
H/1.1 200
OK site-header.js Show response
oglobo.globo.com/scripts/ 3 KB
2 KB 228ms
225ms Script
text/javascript 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/scripts/site-header.js

Requested by

Host: oglobo.globo.com
URL: https://oglobo.globo.com/1/scripts/oglobo-header.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

68fa51098bed0736c2c45bdcb8e5b0bad02b2e5a35b4abecdeeb34876bd5547b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 17:26:05 GMT
Content-Encoding: gzip
Age: 721202
grace: none
X-Cache: HIT
Strict-Transport-Security: max-age=15768000
Content-Length: 821
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 14 Feb 2022 16:42:44 GMT
Server: Apache
cache-control: max-age=31535912
X-Frame-Options: SAMEORIGIN
ETag: "a04ccbb7-d1d-5d7fd1b0ba900-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 80315

GET
H2 200 cl0iwgs8v5h3adb3kvn Show response
scoring.deep.bi/score/EJntYTLE3eKP/ 2 B
173 B 76ms
74ms XHR
application/json 2606:4700:10::6816:29b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scoring.deep.bi/score/EJntYTLE3eKP/cl0iwgs8v5h3adb3kvn?id=deepcookie&column=profile
Requested by: Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:29b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-expose-headers: Amp-Access-Control-Allow-Source-Origin, Access-Control-Allow-Origin, Access-Control-Allow-Credentials
access-control-allow-credentials: true
cf-ray: 6e90229bad5ccc4e-ZRH
content-length: 2

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 3 KB
1 KB 172ms
22ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=GTCopIDc5z

Requested by

Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b56ac92d584b8c536b4beb40c42d57794f15bd69a2b4d146c883bb9736603d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 2763
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: C5gdg8rcdHw
wn: prod-exp-10-0-112-65
last-modified: Wed, 09 Mar 2022 01:00:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=1800
cf-ray: 6e90229ced952373-ZRH
expires: Wed, 09 Mar 2022 02:16:08 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E9CE 0
0 45ms
44ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAGJHxhBMNaL5QxtCvn4AWMtzBsYy9VYlcYABBvSxgip5HsQfvI0zM5xD12nT1gnSp73-7lY92UA3VP9redVBoADsw7vrC1XF8gQXfv3euT9ML5fGgeRFUylGoChEb2KjFLVGA4b-DuCJE9jsH79Mhp0Lto3MTS2CXQVtHnS6_q4Sb8I3nVxcppYTitrksIClruMbXuUnK9MblZfa5UeLcu-340AUFLyyGyMizEULz5_e8OZN92qBJ4rKCzraGoNghGNw8A6Cq7y0wiiuYPYitf9Kb6GrvQazUYJ-4c91Dm30kox8Wal0uj3t9gJu1Xx83Nv0V9Pn6uFhuTh7VaMxKUpd3EdFqsfCm5Ek&sig=Cg0ArKJSzOBtk463dmDuEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame E9CE 81 KB
27 KB 16ms
15ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3e03356c9dcc487b194fa5d0ae3b43d578c114aeb8225ef28d8d44d4432aac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27774
x-xss-protection: 0
server: sffe
etag: "1154 / 860 of 1000 / last-modified: 1646780693"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 09 Mar 2022 01:46:08 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157163/4984/ Frame E9CE 382 KB
114 KB 73ms
18ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4c8d444e35efe34f5086ccc017f24bbb2806bc086220a70f4861aa79a36568e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: gzip
last-modified: Fri, 10 Dec 2021 01:14:29 GMT
server: Apache/2.2.15 (CentOS)
etag: "16a1472-5f935-5d2c071e17d7e"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=170403
accept-ranges: bytes
content-type: text/javascript
content-length: 115846
expires: Fri, 11 Mar 2022 01:06:11 GMT

GET
H/1.1 200
OK owHCMR.js Show response
s3.amazonaws.com/script-tags/ Frame E9CE 12 KB
13 KB 405ms
113ms Script
application/javascript 52.216.152.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.152.30 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3045f287ed31e2a3bff8a8b6fa4e1575743cae0d2febd6270eaf7011d6c917db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:10 GMT
Last-Modified: Tue, 22 Feb 2022 21:49:42 GMT
Server: AmazonS3
x-amz-request-id: ZYCF9WVGSTCFCTVP
ETag: "b7fc2ea65d2d03573f36101d7316ada7"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 12596
x-amz-id-2: VDZJe2eYT75B7zxhzMVuZs7XisiSmzqywv31915jiiNkG445GqnWw5Tmtcl4lYDk9ZyEojy+uJ0=

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E9CE 124 KB
38 KB 18ms
17ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d55a162ebc22d9db98873e0ecf0c76c634df66a6045ea1cab8a4d0b77c607985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38802
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646656195544221"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Mar 2022 01:46:08 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A565 0
0 47ms
46ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstypmv9dCZSFU2H79MCBZWm06Zd2aokpDp-jCqV5VBXb6jqupdfFkT9rRUSAxZLbtTRjKgK9bwxQyNxPG8vJpsd2aKisSuuIztAwB78tUNUsV3vqgPL55quBoDFl5xhqBZUu4c9DaTsd02uv57i3vjqhnDZhX6flkVpzcBxOeB2_9A15I0dTIDLudacyobYS7e095r8LFOePU85AQ8xwsCuVDJYiVnUfPqbTsrgGQ4pJTgix2VSjaB67fqRIvcWfsiNmKSpjRb8JKHuUOVBLDrtflyAt1Gc2RiBmyeg5RDiZ8NK2VYUoT5rmR-R65ODTCk0Fkjvgw3Gv5hVTnk-5iAtDL6skTByTGElgZU&sig=Cg0ArKJSzB7jgXtIg5osEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame A565 81 KB
27 KB 19ms
17ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3e03356c9dcc487b194fa5d0ae3b43d578c114aeb8225ef28d8d44d4432aac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27774
x-xss-protection: 0
server: sffe
etag: "1154 / 247 of 1000 / last-modified: 1646780693"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 09 Mar 2022 01:46:08 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157163/4984/ Frame A565 382 KB
114 KB 50ms
48ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4c8d444e35efe34f5086ccc017f24bbb2806bc086220a70f4861aa79a36568e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: gzip
last-modified: Fri, 10 Dec 2021 01:14:29 GMT
server: Apache/2.2.15 (CentOS)
etag: "16a1472-5f935-5d2c071e17d7e"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=170403
accept-ranges: bytes
content-type: text/javascript
content-length: 115846
expires: Fri, 11 Mar 2022 01:06:11 GMT

GET
H/1.1 200
OK owHCMR.js Show response
s3.amazonaws.com/script-tags/ Frame A565 12 KB
13 KB 400ms
108ms Script
application/javascript 52.216.152.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.152.30 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3045f287ed31e2a3bff8a8b6fa4e1575743cae0d2febd6270eaf7011d6c917db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:10 GMT
Last-Modified: Tue, 22 Feb 2022 21:49:42 GMT
Server: AmazonS3
x-amz-request-id: ZYC85D6SQHF2XCN5
ETag: "b7fc2ea65d2d03573f36101d7316ada7"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 12596
x-amz-id-2: w7zvzG27lCP47G+8NHM+LWbi4AVAqy1kIRVHkaPxQ8W0tMs72agKwJf3Jjn4ZUuk3zdCVhX+2Jg=

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A565 124 KB
38 KB 23ms
21ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d55a162ebc22d9db98873e0ecf0c76c634df66a6045ea1cab8a4d0b77c607985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38802
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646656195544221"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Mar 2022 01:46:08 GMT

GET
H3 200 pubads_impl_2022030301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame E9CE 364 KB
122 KB 8ms
8ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 21:48:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14258
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124636
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:34:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Mar 2023 21:48:30 GMT

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 275 KB
80 KB 42ms
36ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=GTCopIDc5z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e17ef345a3598b3656b160ca57a1a44dab4365894b10c407f4257bb248504e94

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 59291
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 2Y6RXJMF28ZFXZVV
x-amz-id-2: WcSnSNDFZlWhQqgQm0Q8/m3MqlLBQ5gsk2WPSgQxsGxPbGbyTMrTA4PoFIHmikj9LV3M1DFfO6o=
last-modified: Mon, 28 Feb 2022 15:07:54 GMT
server: cloudflare
etag: W/"d766e4371da10c3c8ec5fecc88497ef7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 6e90229d2db72373-ZRH
expires: Wed, 09 Mar 2022 05:46:08 GMT

GET
H3 200 pubads_impl_2022030301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame A565 364 KB
122 KB 8ms
7ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 21:48:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14258
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124636
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:34:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Mar 2023 21:48:30 GMT

GET
H2 200 / Show response
usergate.globo.com/ 31 B
361 B 687ms
229ms XHR
text/plain 201.7.182.142
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://usergate.globo.com/

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/infoglobo.oglobo/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.182.142 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

nginx /

Resource Hash

a60c45c85aef695906b577e9786eea6d2d31df1f2fa84b634bc0bbf761df05d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: User-Agent,Content-Type,Cookie,X-App,GLBID,GST

GET
H2 200 get.js Show response
buy.tinypass.com/api/v3/anon/captcha/ 153 B
310 B 28ms
27ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=GTCopIDc5z

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d76ceb2de69dd5fc2e60901367522ef328efe5b6e188568e4f725837c8a9ded

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 93
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Cbifg8rsv2f
pragma
wn: prod-dash-10-0-138-59
last-modified: Wed, 09 Mar 2022 01:44:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript
server-time: 0.004
cache-control: public, max-age=1200
cf-ray: 6e90229dfe422373-ZRH
expires: Wed, 09 Mar 2022 02:06:08 GMT

POST
H2 200 execute Show response
c2.piano.io/xbuilder/experience/ 48 KB
6 KB 179ms
143ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=GTCopIDc5z

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea2c96ffbb4427860632f8081009857006548ae39577dc5a0016e5ae4187cfc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: c54sxcr3av
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 6e90229e49f701f0-ZRH

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame E9CE 134 KB
36 KB 44ms
14ms Script
application/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: HISltcT4EtRtqxCZ_leiYbAE6TJJFUPD
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 362
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 192GJRVCA0FMYNF06KBD
date: Wed, 09 Mar 2022 01:40:26 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: lx4RSLo9pZY8LEXlSax29ejjhEFkp-LjpzjheVj3SkgJMBtGcCTy_A==

GET
DATA 200
OK truncated
/ Frame E9CE 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: feb304f2c96604f80c12608159c68fd5d6a75932a078452f16ede68cf2a06fad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 4.tiny.js Show response
static.infoglobo.com.br/paywall/js/ 11 KB
3 KB 225ms
224ms Script
text/javascript 201.7.177.167
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/4.tiny.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: Apache /
Resource Hash: 3c03ea842496b5ce2c307a811ce2417847ee4b58436c2c652cfc027b83d0b1a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:24:34 GMT
Content-Encoding: gzip
Age: 1294
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 2715
Last-Modified: Wed, 23 Feb 2022 18:37:48 GMT
Server: Apache
ETag: "a0533595-2d6d-5d8b3c320b700"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: public, max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
X-Cache-Hits: 4487

GET
H/1.1 200
OK 0.tiny.js Show response
static.infoglobo.com.br/paywall/js/ 20 KB
6 KB 229ms
228ms Script
text/javascript 201.7.177.167
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/0.tiny.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: Apache /
Resource Hash: 7bb6ec6d26f794ab8fc3186182563ede1fbdca9a4f8ba7683675677f4d8919eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:33:17 GMT
Content-Encoding: gzip
Age: 771
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 5297
Last-Modified: Wed, 23 Feb 2022 18:37:48 GMT
Server: Apache
ETag: "a0438763-4f5e-5d8b3c320b700"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: public, max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 2661

GET
H/1.1 200
OK 6.tiny.js Show response
static.infoglobo.com.br/paywall/js/ 4 KB
2 KB 451ms
224ms Script
text/javascript 201.7.177.167
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/6.tiny.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: Apache /
Resource Hash: 27f86cb6d0e6ce5790d72abf17446027d5afca9b72661f7658923efd376c2b3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:25:46 GMT
Content-Encoding: gzip
Age: 1208
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 1453
Last-Modified: Wed, 23 Feb 2022 18:37:48 GMT
Server: Apache
ETag: "a061a4c7-1157-5d8b3c320b700"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: public, max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
X-Cache-Hits: 3706

GET
H/1.1 200
OK 2.tiny.js Show response
static.infoglobo.com.br/paywall/js/ 4 KB
2 KB 675ms
224ms Script
text/javascript 201.7.177.167
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/2.tiny.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software: Apache /
Resource Hash: fa05d2dd8dde6a40e518c7d8f5c54030e6f2c41eb8c2b406c63a8d541c2a16b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:29:48 GMT
Content-Encoding: gzip
Age: 981
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 1479
Last-Modified: Wed, 23 Feb 2022 18:37:48 GMT
Server: Apache
ETag: "a0582e6a-113d-5d8b3c320b700"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
cache-control: public, max-age=1800
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 1431

POST
H3 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 589 B
848 B 166ms
138ms XHR
application/json 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=GTCopIDc5z

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b09d9764674065a15254b6c4ad179f716b9dab27badd0b442b1b99a768226e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Cxkfg8rjMBB
pragma: no-cache
wn: prod-dash-10-0-122-70
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
server-time: 0.002
cf-ray: 6e90229faa1323c7-ZRH
expires: 0

GET
H3 200 cacheableShow Show response
buy.tinypass.com/checkout/template/ Frame 6EAB 9 KB
4 KB 207ms
177ms Document
text/html 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45f3c1493a3f00416d2c563dc069b0b2f1daa3843be7819850af2b9c4b609e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: public, max-age=10800
expires: Wed, 09 Mar 2022 04:46:09 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server-time: 0.038
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-200-14-243
x-forwarded-https: on
x-request-id: Cxkfg8r9r8M
x-xss-protection: 0
cf-cache-status: MISS
last-modified: Wed, 09 Mar 2022 01:46:09 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e90229fbc180208-ZRH
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1775462010&t=event&ni=1&_s=1&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&dp=%2Feconomia%2Fblogs%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&ul=en-us&de=UTF-8&dt=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Exibicao%20Register&el=showTemplateZKP87MWQMNO1814&_u=aGDAgEABAAQCAE~&jid=&gjid=&cid=1379110946.1646790368&tid=UA-51216819-1&_gid=108904428.1646790368&gtm=2wg37055NG4R&cd1=%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&cd14=&cd15=&cd16=&cd17=&cd18=&cd19=&cd20=&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=&cd52=1379110946.1646790368&cd82=responsivo&z=1921537312

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 10:12:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56039
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 event.gif
beacon.krxd.net/ 0
499 B 28ms
28ms Image
text/plain 99.80.96.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/event.gif?event_id=NBK4rYWm&event_type=default&acao=Exibicao%20Register&categoria=Piano&rotulo=showTemplateZKP87MWQMNO1814
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.96.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-96-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
cache-control: private, no-cache, no-store
x-request-time: D=69 t=1646790369
x-served-by: beacon-n019-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

POST
H2 200 prebid Show response
prebid.media.net/rtb/ Frame E9CE 338 B
493 B 35ms
18ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU2410EL
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a3be62e3fb741a733a7d3302bdcd357642b9cf32a4097b04ef376403c527a6b5

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E9CE 138 B
991 B 19ms
18ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

33.79.211.35.bc.googleusercontent.com

Software

nginx/1.21.3 /

Resource Hash

3fba0f294d54c32f8a4460532ccbf6853d8793fbb8d3d57494ccd2c884c0f23d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:09 GMT
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 956c153f-d200-422d-8a1c-94a7b128b710
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame E9CE 433 B
896 B 64ms
64ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1780802&size_id=57&rp_schain=1.0,1!hcodemedia.com,288,1,,,&rf=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tg_i.adunit=oglobo.globo.com.dw.970x250.inter&tg_i.dfp_ad_unit_code=138871148%2C85042905%2Foglobo.globo.com.dw.970x250.inter&tg_i.pbadslot=138871148%2C85042905%2Foglobo.globo.com.dw.970x250.inter&tk_flint=pbjs_lite_v4.43.0&x_source.tid=cc09c69b-0192-44e1-b91c-a5cd03e64eed&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6375722109831095
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: f502f27dbab9ba9756737f79a1f6c7c352508f8972c3cd0c06ddde3dadb3fae6

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:09 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 433
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame E9CE 24 B
527 B 49ms
17ms XHR
application/json 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: fbdeb5d66ba30344ec24ab0adffe51a43110290a6d92b4644a97dab06a78d710

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 09 Mar 2022 01:46:09 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ Frame E9CE 429 B
668 B 106ms
34ms XHR
application/json 34.253.169.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931348&slot=%7Bid:/138871148/oglobo.globo.com.dw.970x250.inter,ss:%5B970.250%5D,p:/138871148/oglobo.globo.com.dw.970x250.inter%7D&wr=970.250&sr=1600.1200&url=https%253A%252F%252Fblogs.oglobo.globo.com%252Fcapital%252Fpost%252Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253Dnewstarde
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.169.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-169-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5a52276ce36bcec8fe10eac2f1f394457528457564b2f2197a20aadfc5d884d5

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
x-server-name: app06.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame E9CE 0
121 B 113ms
41ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://blogs.oglobo.globo.com
date: Wed, 09 Mar 2022 01:46:08 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame A565 134 KB
36 KB 15ms
14ms Script
application/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: HISltcT4EtRtqxCZ_leiYbAE6TJJFUPD
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 362
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 192GJRVCA0FMYNF06KBD
date: Wed, 09 Mar 2022 01:40:26 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: uIEVvO9JWBqdlcdHadqDPhT1fjjci67aRBhVrubi7g8xSAuRXxy8aQ==

GET
DATA 200
OK truncated
/ Frame A565 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac08f85b8490c48db92d5e615225c6755bc3198a163725c695d62d10f5368a4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 oglobo
horizon-track.globo.com/event/ 0
176 B 347ms
118ms Ping
text/plain 35.211.79.33
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL

https://horizon-track.globo.com/event/oglobo

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryOTAfkaPVhkdgrhET

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
x-served-from: hzt-tsuru
content-length: 0
strict-transport-security: max-age=60
content-type: text/plain; charset=UTF-8

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame E9CE 385 B
745 B 22ms
21ms XHR
application/json 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fblogs.oglobo.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: Server /
Resource Hash: bbc029f1d997ab0fa9fc1499f94fb93f83b350470966b2227c6b761b282e527c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 00:43:41 GMT
via: 1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
server: Server
age: 3747
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-length: 385
x-amz-cf-id: 40Y_NPiHqHFAhGwl5HSLaHo-NO6OpBxylhpQlspg04TFolkVVoKHTw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame E9CE 6 KB
3 KB 136ms
13ms XHR
application/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: SUwxoOFVf.oGi397tNuwFzfmo0lFzuJd
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 60590
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 02 Mar 2022 02:09:50 GMT
server: AmazonS3
date: Tue, 08 Mar 2022 08:56:20 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 bdba42cf1410fb617eeb4ffd3e0b9cb6.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: C7CoXJgJRiSWontCp7prIoMcIAbCaBuFfdvLNtRpxoDcaKh0ambmuQ==

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame A565 0
65 B 89ms
59ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://blogs.oglobo.globo.com
date: Wed, 09 Mar 2022 01:46:08 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame A565 429 B
892 B 99ms
73ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1780802&size_id=2&rp_schain=1.0,1!hcodemedia.com,288,1,,,&rf=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tg_i.adunit=oglobo.globo.com.dw.728x90.inter&tg_i.dfp_ad_unit_code=138871148%2C85042905%2Foglobo.globo.com.dw.728x90.inter&tg_i.pbadslot=138871148%2C85042905%2Foglobo.globo.com.dw.728x90.inter&tk_flint=pbjs_lite_v4.43.0&x_source.tid=deb268a8-2137-4d7c-bc1b-93a82f0acc16&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8495245763303683
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: dd99efd8cb4343bb415244ee9f591a28e526683db5c4acb438015a4635261b42

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:09 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 429
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame A565 24 B
527 B 23ms
19ms XHR
application/json 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: b7e71af2e22dbd8721c09c54ca5c17a0d572abc06c3797791896c7234f561184

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 09 Mar 2022 01:46:09 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ Frame A565 404 B
642 B 61ms
35ms XHR
application/json 34.253.169.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931348&slot=%7Bid:/138871148/oglobo.globo.com.dw.728x90.inter,ss:%5B728.90%5D,p:/138871148/oglobo.globo.com.dw.728x90.inter%7D&wr=728.90&sr=1600.1200&url=https%253A%252F%252Fblogs.oglobo.globo.com%252Fcapital%252Fpost%252Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%253Futm_source%253Dnewsletter%2526utm_medium%253Demail%2526utm_campaign%253Dnewstarde
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.169.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-169-181.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 250b946c7abdc5ffda35da57943aec4b03a1f914f1b903664de3468af15bf404

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
x-server-name: app05.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

POST
H3 200 prebid Show response
prebid.media.net/rtb/ Frame A565 338 B
273 B 27ms
17ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU2410EL
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f92d7be82e96ed51c83f31a0c754224c8ebe704cfe6f3cc3a273fa8a224e9655

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A565 19 B
871 B 15ms
14ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:09 GMT
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: fb463105-22f1-4f32-b820-a61516206df1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E9CE 0
0 42ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0UebUJ88JV6kWHD2Y-Tcn7VfxQDKQCVW3uvSOlizqHfSFgbARwGPA5AySfJtG2bH6ptjgkoGSlHB-G9eMzzaHG5TRLGFf-a87Gt1a_4V80EO2LQx9q_rv_M4YelymlmKxLPrsK2IzVssjGQ34jX9ESjyCx9jRNk7pKP1YKi9gSsoAQUEtg-gUO-AKNY7QNqoXEQUkluca7TbsPMgBgHxPkikfoIDBciDp3UkKyJf4CHY13a9GKrdIp1nS9O1rnmZM6qnY-ULhIGE39t8UQO1ADqo28zZraVSDj7wc9690HZObK8cpKa3pYbOTb9WbH1x03qtIbkV38K4lgkqtPhd5SWpT5wtlOp4gCzWJ9A&sig=Cg0ArKJSzGqWa8h83lygEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 09 Mar 2022 01:46:09 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame A565 385 B
745 B 31ms
22ms XHR
application/json 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fblogs.oglobo.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: Server /
Resource Hash: bbc029f1d997ab0fa9fc1499f94fb93f83b350470966b2227c6b761b282e527c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 00:43:41 GMT
via: 1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
server: Server
age: 3747
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-length: 385
x-amz-cf-id: nrBsCQ8aBJMkL6PCScMB6kN-tqxQ_vaR2OD4mfbdyTs1miy9ZL4kGg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame A565 6 KB
3 KB 108ms
14ms XHR
application/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: SUwxoOFVf.oGi397tNuwFzfmo0lFzuJd
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 60590
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 02 Mar 2022 02:09:50 GMT
server: AmazonS3
date: Tue, 08 Mar 2022 08:56:20 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 bdba42cf1410fb617eeb4ffd3e0b9cb6.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: MQtlCxU2ieW78QT6gE0YYW3nE5irOh8Smgr2YLZ5T7j0A_b_UZLFVw==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A565 0
0 45ms
44ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss69Lf_xN4Gr0-sWbtJxiPt0B-nplBouJstoGEbK0cfkhRY4lnu45tiVJcgNMBuNT_Po86dM2UiaS4Vy4__WjbWcK-wZfjVvHlaeYIoiCPYvXtABnQax7oSFESk1orksrvLW5NTi31TWb2ow3_ERQn6cQ-yMPIrkcBZPa83d6ETecvgsc01NlD0xgg0sn20aurOr6kXebZ-QPXHoca9fLm94Ji9dUPSAhCh20Dq662ataVSV7KXZh0zbc1uiwRapPGgPSJmu-uPMXc945sCi_AF5EI3PGFkxbyF2GCWVj_hNR0oDidUHObtl5H44JCWw0g8ep3F5M_ryQV1rOPQkNqEvu4_MPI9aiAxNGlP3A&sig=Cg0ArKJSzPEw5w73nzHFEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 09 Mar 2022 01:46:09 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame E9CE 38 KB
11 KB 38ms
18ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

cbbd5676d9c7345483787d39fb83cb6880b4ee7d114e53f5b3df9b217af5f72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Wed, 09 Mar 2022 01:22:09 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 10644
x-request-id: 260278478

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame A565 38 KB
11 KB 17ms
16ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

cbbd5676d9c7345483787d39fb83cb6880b4ee7d114e53f5b3df9b217af5f72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Wed, 09 Mar 2022 01:22:09 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 10644
x-request-id: 260278478

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame E9CE 23 B
494 B 45ms
45ms XHR
text/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&pid=9PWq3xvGbPbH3&cb=0&ws=970x250&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Foglobo.globo.com.dw.970x250.inter%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F138871148%2C85042905%2Foglobo.globo.com.dw.970x250.inter%22%7D%5D&schain=1.0%2C1!hcodemedia.com%2C288%2C1%2C%2C%2C&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.79.193 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
via: 1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-C1
x-amz-rid: DR0KNJ09B9CTCD8BF5NH
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: mhU88VDubC9LN0Fsuz1KQ1ELRRBFTecUs4Ql0ie3s02xBoLOyimw2w==

POST
H/1.1 200 996.json Show response
id5-sync.com/g/v2/ Frame A565 213 B
540 B 33ms
8ms XHR
application/json 51.89.21.10
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/996.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.10 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p24.id5-sync.com

Software

Resource Hash

00e751a1bd69fc4ee4fe8298dae3eed833220ddd81a49d8ecbbe0d214aeb65d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Date: Wed, 09 Mar 2022 01:46:08 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

POST
H/1.1 200 996.json Show response
id5-sync.com/g/v2/ Frame E9CE 213 B
540 B 36ms
13ms XHR
application/json 51.89.21.10
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/996.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.10 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p24.id5-sync.com

Software

Resource Hash

e5a2a52ccfd2fd9cec78336d091a8b0d4df4155c90efaa14ec71168f5b31c8be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Date: Wed, 09 Mar 2022 01:46:08 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame A565 23 B
496 B 43ms
42ms XHR
text/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&pid=NahrAfy8tegLx&cb=0&ws=728x90&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Foglobo.globo.com.dw.728x90.inter%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F138871148%2C85042905%2Foglobo.globo.com.dw.728x90.inter%22%7D%5D&schain=1.0%2C1!hcodemedia.com%2C288%2C1%2C%2C%2C&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.79.193 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
via: 1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-C1
x-amz-rid: WEQPVYAHX3765AWRV1R6
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: tP8X7EHZ-rwS9FlzWX4pw2Mw_uXgFnVcURoaSfzSAOMbKwn5Qgt8DQ==

GET
H/1.1 200
OK conteudo.json Show response
oglobo.globo.com/api/v1/ultimas-noticias/economia/ 20 KB
7 KB 228ms
227ms Fetch
application/json 201.7.177.131
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.globo.com/api/v1/ultimas-noticias/economia/conteudo.json?tiposDeConteudo=materia,materiaEmCapitulos,fotogaleria,videoGloboCom,listaFatos

Requested by

Host: i.glbimg.com
URL: https://i.glbimg.com/og/ig/infoglobo1/static/blog/_js/redesign2019/carousel-oglobo.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.131 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

a9c9e3707ef7e2a8006b58a56f89784f92c81c734d340ee76a0c549da5a031f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Strict-Transport-Security	max-age=15768000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:45:09 GMT
Content-Encoding: gzip
Age: 60
grace: none
X-Cache: HIT
X-Cache-Hits: 2
Strict-Transport-Security: max-age=15768000
Content-Length: 6315
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
cache-control: max-age=177
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Feature-Policy: geolocation 'none'; midi 'none'; microphone 'none'; camera 'none'; speaker 'self'; fullscreen 'self';
Content-Security-Policy: default-src 'self' 'unsafe-inline' https: data: blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https: blob:; img-src 'self' data: https:;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Wed, 09 Mar 2022 01:48:07 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame E9CE 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame E9CE 107 B
122 B 34ms
19ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E9CE 22 KB
9 KB 329ms
329ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1589454116592088&correlator=230458386180419&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220309&iu_parts=138871148%3A85042905%2Coglobo.globo.com.dw.970x250.inter&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&fsapi=false&prev_scp=pwtdeal_ias%3DPMP_-_42_-_7cdeed08d7fe08%26adt%3Dlow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26fr%3Dfalse%26id%3Db15693de-9f4a-11ec-8ba9-0a55872b6571%26vw%3D40%252C50%252C60%26grm%3D40%26vw05%3D40%252C50%26vw10%3D40%26ias-kw%3DIAS_8423_KW%252CIAS_1172_KW%252CIAS_6860_KW%252CIAS_5255_KW%252CIAS_6676_KW%252CIAS_7153_KW%252CIAS_8878_KW%26pwtsid%3D7cdeed08d7fe08%26pwtbst%3D1%26pwtecp%3D0.01%26pwtdid%3D42%26pwtpid%3Dias%26pwtpubid%3D157163%26pwtprofid%3D4984%26pwtverid%3D3%26pwtsz%3D100x200%26pwtplt%3Ddisplay%26amznbid%3D2%26amznp%3D2%26hcmviewable%3Dfalse&eri=1&cookie=ID%3D72b06c0ab71c5029%3AT%3D1646790368%3AS%3DALNI_MbVdFWyDvWoy9lITz50y0ArsMFrDQ&cdm=blogs.oglobo.globo.com&abxe=1&dt=1646790369438&lmt=1646790369&dlt=1646790368724&idt=157&biw=1600&bih=1200&isw=970&ish=250&oid=2&adxs=315&adys=2948&ucis=yo3idcu99zms&adks=2487537034&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&top=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&frm=23&vis=1&scr_x=0&scr_y=0&psz=970x0&msz=970x0&fws=256&ohw=0&ea=0&ga_vid=1379110946.1646790368&ga_sid=1646790369&ga_hid=104970807&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f07b1f86f09b148c80404d512381603dd34ad38b8c97e9d876f6317b95a0f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9463
x-xss-protection: 0
google-lineitem-id: 5770955185
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138360694999
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E9CE 14 KB
11 KB 43ms
21ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a5ebed23aaceae2b01fd612200022fa2ad5c1c8bddbd92a85003176d19c15c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10619
x-xss-protection: 0

GET
H2 200 container.html Show response
54bfad1e8ab25bf4ba12ea8ec57b9986.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5318 6 KB
3 KB 33ms
18ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://54bfad1e8ab25bf4ba12ea8ec57b9986.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 09 Mar 2022 01:46:09 GMT
expires: Thu, 09 Mar 2023 01:46:09 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 6EAB 33 KB
6 KB 44ms
44ms Stylesheet
text/css 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

734421d9e2fa5fe78c7bbd157c8de6a60bd1e0752c8abfcd2ca27f4a477ff2e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 4588
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-130-253
last-modified: Mon, 28 Feb 2022 17:52:22 GMT
server: cloudflare
etag: W/"33843-1646070742000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/css
server-time: 0.000
cache-control: public, max-age=7200
cf-ray: 6e9022a11cf30208-ZRH
expires: Wed, 09 Mar 2022 03:46:09 GMT

GET
H3 200 loadTranslationMap Show response
buy.tinypass.com/showtemplate/general/ Frame 6EAB 30 KB
8 KB 413ms
412ms Script
application/javascript 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=GTCopIDc5z&version=1483354452000&language=pt_BR

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e203fc1358e2baa0e35cf6999e059b111046b3e42813527475bdbc1759556c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Cxkfg8r6XiY
pragma
wn: prod-dash-10-0-123-238
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.002
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 6e9022a11cf50208-ZRH
expires: Wed, 9 Mar 2022 20:46:09 EST

GET
H3 200 platform-translation-map_pt_BR.js Show response
buy.tinypass.com/ng/common/i18n/ Frame 6EAB 145 KB
40 KB 44ms
43ms Script
application/javascript 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_pt_BR.js?version=14.98.1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ceb4e4276ef52ab6c3f1c5a3b58745b325829dab7db3b137a755464bead104c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 36286
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-117-181
last-modified: Mon, 28 Feb 2022 17:52:22 GMT
server: cloudflare
etag: W/"148640-1646070742000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.000
cache-control: public, max-age=86400
cf-ray: 6e9022a11cf60208-ZRH
expires: Thu, 10 Mar 2022 01:46:09 GMT

GET
H3 200 H4sIAAAAAAAAAD3IMQrAIAwAwA_VBJ36mxJrkEhqxUT6_W5ux-EnpbJjEXN0foaSMzbbhrx6UT5QJRtSr0tphggJUkKJZ9-n703K1_CQJzT7AT7l-KhaAAAA Show response
buy.tinypass.com/_sam/ Frame 6EAB 520 KB
156 KB 70ms
69ms Script
text/javascript 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IMQrAIAwAwA_VBJ36mxJrkEhqxUT6_W5ux-EnpbJjEXN0foaSMzbbhrx6UT5QJRtSr0tphggJUkKJZ9-n703K1_CQJzT7AT7l-KhaAAAA?compressed=true&v=14.98.1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fe32546d5169b23c05f7018503ecaae96b14615980dea18cc0c825f535bb683

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 5
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-115-10
last-modified: Fri, 04 Mar 2022 11:39:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: text/javascript
server-time: 0.005
cache-control: public, max-age=604795
x-optimized-by: _sam
cf-ray: 6e9022a11cf80208-ZRH
expires: Wed, 16 Mar 2022 01:46:04 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 6EAB 3 KB
1 KB 41ms
20ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather:wght@300&family=PT+Serif&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e801d929d36bbebe0459ab81315d374567394b4da357a1e68e4d08ac6946c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 01:46:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Mar 2022 01:46:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Mar 2022 01:46:09 GMT

GET
H3 404 style.css
buy.tinypass.com/checkout/template/ Frame 6EAB 0
0 28ms
27ms Stylesheet
text/html 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/style.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 14
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
content-type: text/html
cache-control: public, max-age=1200
strict-transport-security: max-age=86400; includeSubDomains
cf-ray: 6e9022a11cf90208-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 09 Mar 2022 02:06:09 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame A565 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame A565 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A565 22 KB
9 KB 183ms
183ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2416343094266387&correlator=1905852138211405&eid=31063378%2C31065486%2C44758226&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220309&iu_parts=138871148%3A85042905%2Coglobo.globo.com.dw.728x90.inter&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&fsapi=false&prev_scp=pwtdeal_ias%3DPMP_-_42_-_71c9f1823faa7d%26adt%3Dlow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26fr%3Dfalse%26id%3Db1566c0a-9f4a-11ec-9533-02c49424d9cb%26vw%3D40%252C50%26grm%3D40%26vw05%3D40%26ias-kw%3DIAS_8423_KW%252CIAS_1172_KW%252CIAS_6860_KW%252CIAS_5255_KW%252CIAS_6676_KW%252CIAS_7153_KW%252CIAS_8878_KW%26pwtsid%3D71c9f1823faa7d%26pwtbst%3D1%26pwtecp%3D0.01%26pwtdid%3D42%26pwtpid%3Dias%26pwtpubid%3D157163%26pwtprofid%3D4984%26pwtverid%3D3%26pwtsz%3D100x200%26pwtplt%3Ddisplay%26amznbid%3D2%26amznp%3D2%26hcmviewable%3Dtrue&eri=1&cookie=ID%3D72b06c0ab71c5029%3AT%3D1646790368%3AS%3DALNI_MbVdFWyDvWoy9lITz50y0ArsMFrDQ&cdm=blogs.oglobo.globo.com&abxe=1&dt=1646790369468&lmt=1646790369&dlt=1646790368784&idt=80&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=373&ucis=ro73a43eu6g&adks=436941508&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nhd=1&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&top=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1379110946.1646790368&ga_sid=1646790369&ga_hid=324548838&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

cafe /

Resource Hash

6af1d294314c29e17d5659a5fd8cd44c78cd2b8c1035695a03d8ef866d9a4c83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9484
x-xss-protection: 0
google-lineitem-id: 5770953283
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138360277874
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A565 14 KB
11 KB 22ms
21ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dbb2b48bc2aa04525b9ff8b5cac9f0feba04688f8b2721a0ab151b019387be25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10794
x-xss-protection: 0

GET
H2 200 container.html Show response
e1888587fc69966eb573250099e387f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3B66 6 KB
3 KB 45ms
15ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e1888587fc69966eb573250099e387f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 09 Mar 2022 01:46:09 GMT
expires: Thu, 09 Mar 2023 01:46:09 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E9CE 17 KB
7 KB 49ms
25ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Mar 2022 01:46:09 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A565 17 KB
6 KB 58ms
36ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Mar 2022 01:46:09 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5895 13 KB
5 KB 27ms
11ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Mar 2022 23:07:55 GMT
expires: Wed, 08 Mar 2023 23:07:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 9494
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 65E8 783 B
533 B 16ms
16ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dd736099c672f67aa38ef61b1e290640cbb8994127dc9441bf2fb3d0a1af186a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kURWCTIodIyTTHto/FOqVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 09 Mar 2022 01:46:09 GMT
date: Wed, 09 Mar 2022 01:46:09 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-kURWCTIodIyTTHto/FOqVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8918 13 KB
5 KB 21ms
10ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Mar 2022 23:07:55 GMT
expires: Wed, 08 Mar 2023 23:07:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 9494
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2D1E 783 B
533 B 21ms
20ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

61f31bd52c4c742612603bf0bcba8e00bfd3b57a3f9bdd75269651cc3aa83308

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ryLdaEfeWXopQd6szxiKwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 09 Mar 2022 01:46:09 GMT
date: Wed, 09 Mar 2022 01:46:09 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ryLdaEfeWXopQd6szxiKwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 65E8 0
0 55ms
40ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030301&jk=1589454116592088&rc=
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2D1E 0
0 55ms
55ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030301&jk=2416343094266387&rc=
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 5895 35 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 20:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 106553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 20:10:16 GMT

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 8918 35 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 20:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 106553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 20:10:16 GMT

GET
H/1.1 200
OK 97124989_postos-de-combustiveis.-Foto-Divulgacao.jpg
ogimg.infoglobo.com.br/in/25393410-af0-1af/FT1086A/ 63 KB
63 KB 902ms
225ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/25393410-af0-1af/FT1086A/97124989_postos-de-combustiveis.-Foto-Divulgacao.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

2bdcd34338bd45d67101200a52d7b976ab44da1e9a207c19145c4bb513515347

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 10:41:51 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 54245
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
Connection: Keep-Alive
Last-Modified: Mon, 07 Mar 2022 10:02:12 GMT
Server: Apache
ETag: "e0567439-fb4a-5d99df550930e-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 499

GET
H/1.1 200
OK 381216032.jpg
ogimg.infoglobo.com.br/economia/25424330-80e-275/FT1086A/ 60 KB
60 KB 902ms
225ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/economia/25424330-80e-275/FT1086A/381216032.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

84047fa393e0389d989dcb5e01a392292264f1f95d645d456d6afc51dd26407f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 22:24:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 12099
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
Connection: Keep-Alive
Last-Modified: Tue, 08 Mar 2022 22:21:33 GMT
Server: Apache
ETag: "c01efa14-f130-5d9bc674d95f4-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 512

GET
H/1.1 200
OK 93570902_Maceio-AL-24-06-2021Cotacao-do-DolarDolar-cai-de-novo-e-chega-a-R-490-menor-valor-4.jpg
ogimg.infoglobo.com.br/economia/25160101-df1-706/FT1086A/ 91 KB
91 KB 903ms
226ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/economia/25160101-df1-706/FT1086A/93570902_Maceio-AL-24-06-2021Cotacao-do-DolarDolar-cai-de-novo-e-chega-a-R-490-menor-valor-4.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

928561fd7676b504a4304a44de0c81ac91265d7117c364661ea2decea6705f2a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 22:01:26 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 13483
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
Connection: Keep-Alive
Last-Modified: Tue, 08 Mar 2022 21:58:06 GMT
Server: Apache
ETag: "402fbb3c-16ae0-5d9bc1372610b-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 546

GET
H/1.1 200
OK 91529124_RI-Rio-de-Janeiro-RJ08-02-2021-Postos-de-gasolina-na-Zona-Norte-do-Rio-de-Janeiro.-Foto.jpg
ogimg.infoglobo.com.br/in/25005476-be7-65d/FT1086A/ 55 KB
55 KB 905ms
226ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/25005476-be7-65d/FT1086A/91529124_RI-Rio-de-Janeiro-RJ08-02-2021-Postos-de-gasolina-na-Zona-Norte-do-Rio-de-Janeiro.-Foto.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

9de3c952ccea01b08090cb7b44f2c07635348b8c14f9551a823933565086b668

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 21:21:53 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 15856
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
Connection: Keep-Alive
Last-Modified: Mon, 07 Mar 2022 19:37:27 GMT
Server: Apache
ETag: "200df92f-dcec-5d9a5fe9a74bb-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 591

GET
H/1.1 200
OK GoogleReuters-nova.jpg
ogimg.infoglobo.com.br/economia/25383567-3f8-cbd/FT1086A/ 37 KB
36 KB 904ms
225ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/economia/25383567-3f8-cbd/FT1086A/GoogleReuters-nova.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

270547cd852fccb9ea3632a14b83df7cc20f3824de08a4822be3d396797d4f7a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 07 Mar 2022 18:39:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 111989
grace: none
X-Cache: HIT
Connection: Keep-Alive
Content-Length: 36407
Last-Modified: Mon, 07 Mar 2022 08:26:52 GMT
Server: Apache
ETag: "a039d57b-9487-5d99ca060c984-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 720

GET
H/1.1 200
OK 61365762_Mercedes-Benz-fecha-fabrica-em-Sao-Paulo-e-encerra-producao-de-auto.jpg
ogimg.infoglobo.com.br/epoca/24995450-b93-106/FT1086A/ 117 KB
117 KB 915ms
229ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/epoca/24995450-b93-106/FT1086A/61365762_Mercedes-Benz-fecha-fabrica-em-Sao-Paulo-e-encerra-producao-de-auto.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

8b316e1a34b36cf2681f3ecbcdf2b70605d8a130d6850dde8268e3a03d69cda7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 19:58:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 20863
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
Connection: Keep-Alive
Last-Modified: Tue, 08 Mar 2022 19:56:30 GMT
Server: Apache
ETag: "a0465a8e-1d3be-5d9ba60916a91-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
X-Cache-Hits: 804

GET
H/1.1 200
OK MOSCOU-RUSSIA.jpg
ogimg.infoglobo.com.br/economia/25423434-e20-ffb/FT1086A/ 79 KB
79 KB 225ms
225ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/economia/25423434-e20-ffb/FT1086A/MOSCOU-RUSSIA.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

880e81475a8d2a6d06048337a87ca7d78d01d9f1e75ea2af69ce72f30bd86f2e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 14:22:53 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 40997
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
Connection: Keep-Alive
Last-Modified: Tue, 08 Mar 2022 14:20:31 GMT
Server: Apache
ETag: "8040b93f-13d01-5d9b5aef557af-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 1459

GET
H/1.1 200
OK meme-spotify.png
ogimg.infoglobo.com.br/in/25424017-fe0-16e/FT1086A/ 684 KB
681 KB 225ms
225ms Image
image/png 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/25424017-fe0-16e/FT1086A/meme-spotify.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

eac891eef28b23d87af5baa73898a28e3df65e0faf4025e00a1eff2852d74541

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 19:02:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 24210
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
Connection: Keep-Alive
Last-Modified: Tue, 08 Mar 2022 19:02:17 GMT
Server: Apache
ETag: "8017bbf7-ab078-5d9b99ead3685-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 956

GET
H/1.1 200
OK spotify1.jpg
ogimg.infoglobo.com.br/economia/22552170-f18-f7b/FT1086A/ 54 KB
54 KB 225ms
225ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/economia/22552170-f18-f7b/FT1086A/spotify1.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

fc4a9196c495c33b9409f718610e3bc79aa773e48e0e4dc5edaaa990020ff0bd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 18:46:48 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 25163
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
Connection: Keep-Alive
Last-Modified: Sat, 05 Mar 2022 03:35:27 GMT
Server: Apache
ETag: "401c0c6a-d7d1-5d970528342ed-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 972

GET
H/1.1 200
OK 97962386_FILE-PHOTO-People-enter-a-McDonalds-restaurant-in-Moscow-Russia-April-24-2018.-REUTERS-Tat.jpg
ogimg.infoglobo.com.br/in/25424035-6e7-c83/FT1086A/ 86 KB
85 KB 226ms
225ms Image
image/jpeg 201.7.177.155
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ogimg.infoglobo.com.br/in/25424035-6e7-c83/FT1086A/97962386_FILE-PHOTO-People-enter-a-McDonalds-restaurant-in-Moscow-Russia-April-24-2018.-REUTERS-Tat.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

201.7.177.155 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Apache /

Resource Hash

0c10fa496e4c4e2207bb66a4278b1f8e297f14770cc7f874a9ac4e79da43f378

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 08 Mar 2022 19:19:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 23220
grace: none
Transfer-Encoding: chunked
X-Cache: HIT
Connection: Keep-Alive
Last-Modified: Tue, 08 Mar 2022 19:19:04 GMT
Server: Apache
ETag: "40213c79-15769-5d9b9daa79666-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
cache-control: max-age=31535912
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
X-Cache-Hits: 4203

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/editoraglobonetwork/ 672 KB
46 KB 26ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 249c8ab2d1004786e46c0d2245aee3fb6b334ad8b57b1c1c197f7380b395ca12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: ME05YfV7Xk3nk5JDqlL6_a_jd7tUPJMD
content-encoding: gzip
etag: "9ad7374eae85eff3cd67b30ac92926c5"
age: 71
x-cache: HIT
content-length: 46716
x-amz-id-2: xnIZ/e74sa8VJOBimVE4HSKxOaQ3zHcYLBSp4nFoSawJFkjO0di5LLAbN8PSZIT/jZS0YJN4JrU=
x-served-by: cache-hhn4058-HHN
last-modified: Tue, 08 Mar 2022 11:17:55 GMT
server: AmazonS3
x-timer: S1646790370.661421,VS0,VE1
date: Wed, 09 Mar 2022 01:46:09 GMT
vary: Accept-Encoding
x-amz-request-id: 2DBRJXV7WFFCA6KK
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 81
x-cache-hits: 1

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 517 B
980 B 63ms
63ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=280410&zone_id=1398994&size_id=15&eid_pubcid.org=05bcd4b4-085c-44fe-8178-5e581c77db85%5E1&rf=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tg_i.adunit=info.web.oglobo%2Feconomia%2Fblog%2Fcapital&tg_i.page_name=post&tg_i.platform=desktop&tg_i.aupname=%2F85042905.*%26pub-retangulo.*&tg_i.dfp_ad_unit_code=85042905%2Finfo.web.oglobo%2Feconomia%2Fblog%2Fcapital&tg_i.pbadslot=85042905%2Finfo.web.oglobo%2Feconomia%2Fblog%2Fcapital&tk_flint=dmpbjs_v5.20.0&x_source.tid=e2d92f82-833c-4011-9dcf-f994ad38a9d8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5389570758382849
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 616f3da366fea0999c6692b62b2c45a474b5264c568c6384e1db27098815f8f9

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:09 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 517
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
319 B 36ms
36ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.0&cb=75382847181

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 01:46:08 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
344 B 20ms
20ms XHR
application/json 185.86.139.58
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:08 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
871 B 14ms
14ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:09 GMT
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3c30a0cd-e3a8-4350-8bf3-5a6769687f58
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 37ms
36ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=blogs.oglobo.globo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 74 KB
24 KB 246ms
245ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2071666425811617&correlator=4048013296329044&eid=31065488%2C21064365%2C31063247%2C44756894%2C31062931%2C44755510&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fif&sc=1&iu_parts=85042905%2Cinfo.web.oglobo%2Ceconomia%2Cblog%2Ccapital&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=640x360%7C640x480&sfv=1-0-38&ecs=20220309&fsapi=false&prev_scp=Info.MatID%3D291506%26Editora.random%3D3%26Editora.pos%3DInread&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie=ID%3D72b06c0ab71c5029%3AT%3D1646790368%3AS%3DALNI_MbVdFWyDvWoy9lITz50y0ArsMFrDQ&abxe=1&dt=1646790369670&lmt=1646790369&dlt=1646790363152&idt=5035&biw=1600&bih=1200&oid=2&adxs=455&adys=1293&ucis=4&adks=1759584136&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&frm=20&vis=1&scr_x=0&scr_y=0&psz=620x1469&msz=620x360&fws=4&ohw=1600&psts=AGkb-H9dkeW8v_6KKyDJgek-baskJhmTNrDdHSoUR4SHvVZBGjsTXnviX9K4rrhlS1TnjviMjHf7064BbLMaUHvXTYyzV2rcs-ijN1DPj4w%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-Gbv4NtWzYnk-WKUo4s4onONqJfkPZCrbjPqKzIsQVJEhT4pnXDJtz76fHNdu4fnc3GuAGPHlP6nsSx6Z2OAiYGv9YQC6csO_ByJk&ga_vid=1379110946.1646790368&ga_sid=1646790368&ga_hid=1775462010&ga_fc=true&btvi=3&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

384af65fd747b01b536b4909a25da399cfac773631d4c7718e671500cb1c34ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24313
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 13D1 0
0 43ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvY76SLFoazLGEcEuLtokvNOZxyJVHwBbsvQTeC7iAxIFRhB1fO1r_FpchzqKkuHb0i0WKkUcW-waklAvwkjlXlMab_KwLMnV_I9PhEPxjLAYAGooE_5KzRDKcYMJWU1dK0Jtp42jZtcvuzAyXH1ZRdIbOmV2dNO2JlzU5GXJY6EhunVHXm1yj0ASUV9TZUYxDSDC_xZXJLIDhKEoCpybXKisI3oAfCge1Ve741brggsBh5sDRhSWL87k_kMFV3IDwwvjZhDF6fatcFGRR84oxz0XYqXMJCdBvD2T05_5JrkDNScxP_W_LEKd_o68L4Mul6N1IpDaluVEyJ9OTcO-MBh0vGWw&sig=Cg0ArKJSzFLuXKYXMr3KEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK a9floorcheck.js Show response
s3.amazonaws.com/script-tags/ Frame 13D1 3 KB
3 KB 113ms
113ms Script
application/javascript 52.216.152.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/script-tags/a9floorcheck.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.152.30 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 00fcdbd28afe964a4bec63932d5f6348abd89e19ed1f990723a6ab9ca8701cc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:10 GMT
Last-Modified: Wed, 03 Apr 2019 18:47:26 GMT
Server: AmazonS3
x-amz-request-id: ZYCB1A0TKCX234HS
ETag: "2d4b0d964f2c5927dffbf65da033636a"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2655
x-amz-id-2: OA3M8vJvedOeC6urwiKzC06nc/ngG6j2TvJhXFtP2/gT/ciRD6W9WHeAvjKpuI3MtrvV+6eXC1M=

GET
H/1.1 200
OK prebidpubs.js Show response
s3.amazonaws.com/script-tags/ Frame 13D1 311 KB
311 KB 111ms
111ms Script
application/javascript 52.216.152.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.152.30 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9c771d688cb34399f9f33f7d6ccd2a3ec17a9bb758923d736a3d1942510e963a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:10 GMT
Last-Modified: Tue, 03 Aug 2021 21:19:14 GMT
Server: AmazonS3
x-amz-request-id: ZYCD0290Y9FJBXM4
ETag: "5dbd5fb11fd60ffbccab312faa64a2fd"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 318400
x-amz-id-2: oPm4FM2oaJPEoQwYSW3qEKJVzSa8yy9nl1LNOJL7A+7u8JJZTqAYziyF3pCwLdqDeTlMHnmMuxY=

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 13D1 124 KB
38 KB 19ms
19ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d55a162ebc22d9db98873e0ecf0c76c634df66a6045ea1cab8a4d0b77c607985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38802
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646656195544221"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Mar 2022 01:46:09 GMT

GET
H2 200 botao-desk.gif
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/VENDAS/GABIGOL/ 2 KB
3 KB 225ms
224ms Image
image/gif 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/VENDAS/GABIGOL/botao-desk.gif
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 87ef5ff1e76b7444b170bc854ef7e22adabef01f30050760e757a23df4f995bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
x-openstack-request-id: tx3ce5a55d1cf0454690651-0062280683
last-modified: Tue, 08 Mar 2022 14:38:25 GMT
x-trans-id: tx3ce5a55d1cf0454690651-0062280683
x-thanos: 0AB47184
etag: 5add9e21533db7c34316bcb12976d455
vary: Accept-Encoding, Origin
content-type: image/gif
x-timestamp: 1646750304.33960
cache-control: public, max-age=180
accept-ranges: bytes
content-length: 2429
x-request-id: 56f37b93-0b05-499b-a95b-a39970328a4c

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1775462010&t=event&ni=1&_s=1&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&dp=%2Feconomia%2Fblogs%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&ul=en-us&de=UTF-8&dt=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Mobiliario%20Botao&el=botao%20-%20deslogado_gabigol%20-%20oferta%20-%20og_botao_topo_semcookie_cnsmdr&_u=aGDAgEABAAQCAE~&jid=&gjid=&cid=1379110946.1646790368&uid=221163472121794115689&tid=UA-51216819-1&_gid=108904428.1646790368&gtm=2wg37055NG4R&cd1=%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&cd14=&cd15=&cd16=&cd17=&cd18=&cd19=&cd20=&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=&cd52=1379110946.1646790368&cd77=221163472121794115689&cd78=anonymous&cd82=responsivo&z=934857332

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 10:12:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56039
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cd
cd.navdmp.com/ 6 B
81 B 154ms
153ms Image
application/x-javascript 2606:4700::6810:ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cd.navdmp.com/cd?prtid=13574&prtusridr=e87c8ba27514b09f3778968efb0b47669c366dd8
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6e9022a2efa92325-ZRH
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
10 KB 287ms
287ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2071666425811617&correlator=3918735292909086&eid=31065488%2C21064365%2C31063247%2C44756894%2C31062931%2C44755510&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fif&sc=1&iu_parts=85042905%2Cinfo.web.oglobo%2Ceconomia%2Cblog%2Ccapital&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&sfv=1-0-38&ecs=20220309&fsapi=false&prev_scp=Info.MatID%3D291506%26Editora.random%3D1%26Editora.pos%3DTop&eri=1&cust_params=ognCluster%3D%26kuid%3D&cookie=ID%3D72b06c0ab71c5029%3AT%3D1646790368%3AS%3DALNI_MbVdFWyDvWoy9lITz50y0ArsMFrDQ&abxe=1&dt=1646790369820&lmt=1646790369&dlt=1646790363152&idt=5035&biw=1600&bih=1200&oid=2&adxs=1126&adys=432&ucis=5&adks=1386723900&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x289&msz=300x250&fws=4&ohw=1600&psts=AGkb-H9dkeW8v_6KKyDJgek-baskJhmTNrDdHSoUR4SHvVZBGjsTXnviX9K4rrhlS1TnjviMjHf7064BbLMaUHvXTYyzV2rcs-ijN1DPj4w%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-Gbv4NtWzYnk-WKUo4s4onONqJfkPZCrbjPqKzIsQVJEhT4pnXDJtz76fHNdu4fnc3GuAGPHlP6nsSx6Z2OAiYGv9YQC6csO_ByJk&ga_vid=1379110946.1646790368&ga_sid=1646790368&ga_hid=1775462010&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dafa64793bf3a1ae0eb9b6df412c72dfc1c6fa38a67b81a327be238d2297b31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9833
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3355 0
0 43ms
43ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRvMrwrOKbbyIMTdFygU4vjzkf67QLqX0ji-8D8O6OMpFyyH_3avNO4em2pX3GhH3sy9TfDDSvfpnV5z-JDDHYZQnuLILu1hx0ta-VTnznxe6RhHCEmJt0NVRkgPcyV9OXHfm-gN4ETpLST-272QXrAaMiiqzdEMiIViMMsBSfUWMJ5-E6uuzutpBkcXxkqOVBMqY8hc7jcGevRLf11iDjT4lwTv1SZV8HyLfDTu2jjAxlTFwh0W2rB281gJm_RRLXPSsvaxVK9US5v3lgMjTq-X8SRhWpZqSvF1goK6SKhtN-pHZozQTeFLEi8SEl5QN9QbAhUhg7EanNY8PjQDly3xFf09Q&sig=Cg0ArKJSzG_aJeuac6-vEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK a9floorcheck.js Show response
s3.amazonaws.com/script-tags/ Frame 3355 3 KB
3 KB 109ms
108ms Script
application/javascript 52.216.152.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/script-tags/a9floorcheck.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.152.30 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 00fcdbd28afe964a4bec63932d5f6348abd89e19ed1f990723a6ab9ca8701cc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:10 GMT
Last-Modified: Wed, 03 Apr 2019 18:47:26 GMT
Server: AmazonS3
x-amz-request-id: ZYCE4VZWQ1MGN9XH
ETag: "2d4b0d964f2c5927dffbf65da033636a"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2655
x-amz-id-2: 0NtwK7REl/nNwB1PVrfCYcd7t1zzaqnOOp2oR19KHtA6I4D4MIhuSUsJB4gIFGVQmZ/xGG7M4WA=

GET
H/1.1 200
OK prebidpubs.js Show response
s3.amazonaws.com/script-tags/ Frame 3355 311 KB
311 KB 220ms
109ms Script
application/javascript 52.216.152.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.152.30 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9c771d688cb34399f9f33f7d6ccd2a3ec17a9bb758923d736a3d1942510e963a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:10 GMT
Last-Modified: Tue, 03 Aug 2021 21:19:14 GMT
Server: AmazonS3
x-amz-request-id: ZYC7XETCYP8D01SE
ETag: "5dbd5fb11fd60ffbccab312faa64a2fd"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 318400
x-amz-id-2: K8Gbg2nB74XfHjwLw++oszW4eZptCCaEt+GQIfAxz3NPluhKy/a91QZymobvdl+IlXWzN7Gp3wc=

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3355 124 KB
38 KB 23ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d55a162ebc22d9db98873e0ecf0c76c634df66a6045ea1cab8a4d0b77c607985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38802
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646656195544221"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Mar 2022 01:46:09 GMT

GET
H2 200 impl.20220308-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ 620 KB
128 KB 6ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 264bcc8863beaf40bf3925f2787d6ac9ca7aee6a7fd4499b210411c6a600750b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: kP1wtQZbp_5n0.4jM3VAvO62mKA3AVe2
content-encoding: br
etag: "7b01dd63e9ac6d00cb7e3596fbd2a4d4"
age: 26210
x-cache: HIT
content-length: 131175
x-amz-id-2: ABVEkOdalCKNSGXgTuAj6dceOyUzLKfLdF4KzVrDE3KlPSBmt9Wsl5GhwVEJK2vCJ6+Rl1zo2Ow=
x-served-by: cache-hhn4058-HHN
last-modified: Tue, 08 Mar 2022 10:23:44 GMT
server: AmazonS3-br
x-timer: S1646790370.882257,VS0,VE0
date: Wed, 09 Mar 2022 01:46:09 GMT
vary: Accept-Encoding
x-amz-request-id: 66QEGC2GJNZGEKD4
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 66
x-cache-hits: 21632

GET
H2 200 load.js Show response
widget.perfectmarket.com/editoraglobonetwork/ 5 KB
2 KB 30ms
13ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/editoraglobonetwork/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af38286fa634519ab80524b90b1e992febefc15923c89b1663bcd46dfee2c383

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: gUgj3C7AZJFMWF2Nwsx5cjlAkNxfoKpr
content-encoding: gzip
etag: "061b43bac53a5e78578ef76be22c651a"
age: 144
x-cache: HIT, HIT
content-length: 1576
x-amz-id-2: J7jysAF5dqakr5BCaIOmw+UclAJPBlcQ/GwPxqNliuleEDvlsI3UAOkd0Zgm3iQJLcofMnvD9+k=
x-served-by: cache-lax10679-LGB, cache-hhn4039-HHN
last-modified: Tue, 28 Dec 2021 18:47:08 GMT
server: AmazonS3
x-timer: S1646790370.898660,VS0,VE0
date: Wed, 09 Mar 2022 01:46:09 GMT
vary: Accept-Encoding,,
x-amz-request-id: 8ZDV5ZEEQAZJRFBP
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 2

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 8ms
8ms Script
application/javascript 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 03:59:58 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 78372
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: 4tZmaQmQmbITLvfXOVfSBlFaJKaGFq20wt3NfK4nwUVhJN1QYIuAcg==

GET
H2 200 stream Show response
oglobo.comentarios.globo.com/embed/ Frame 188C 3 KB
1 KB 257ms
256ms Document
text/html 131.0.25.85
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&v=6.7.1&ts=1646790300000&initialWidth=700&childId=box-comments&parentTitle=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde

Requested by

Host: oglobo.comentarios.globo.com
URL: https://oglobo.comentarios.globo.com/assets/js/embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.0.25.85 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

86a8a6ae06c94509cacf532a3df94869dcd37ec3b13da3d4d2315681fd1ff724

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://oglobo.comentarios.globo.com https://oglobo.globo.com https://blogs.oglobo.globo.com https://kogut.oglobo.globo.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: no-store
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self' https://oglobo.comentarios.globo.com https://oglobo.globo.com https://blogs.oglobo.globo.com https://kogut.oglobo.globo.com
x-trace-id: b1be7c90-9f4a-11ec-88f8-a76c1954776f
etag: W/"b18-R1R6qpoMVz/SXkPIG8xVV9ogThQ"
x-content-type-options: nosniff
content-language: pt-BR
access-control-allow-headers: Content-Type
content-encoding: gzip

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 13D1 134 KB
36 KB 17ms
17ms Script
application/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/a9floorcheck.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: HISltcT4EtRtqxCZ_leiYbAE6TJJFUPD
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 362
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 192GJRVCA0FMYNF06KBD
date: Wed, 09 Mar 2022 01:40:26 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 1IH33gmFHa2jzZHp_LyeMsX7jwyfCjfj2de5D0om0dzTm0epmll94A==

GET
H2 200 footer-desk.gif
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/VENDAS/GABIGOL/ 35 KB
36 KB 304ms
303ms Image
image/gif 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/OGlobo/VENDAS/GABIGOL/footer-desk.gif
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 2455fe3dab06ba539f999e2ff5fda1d31254de4422ccbe0af7103d8075f76195

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
x-openstack-request-id: txc5f61005929b42ffbdcc8-0062280635
last-modified: Tue, 08 Mar 2022 14:38:33 GMT
x-trans-id: txc5f61005929b42ffbdcc8-0062280635
x-thanos: 0AB47184
etag: a0724d065a8e1e0d806a9e9880b41c4e
vary: Accept-Encoding, Origin
content-type: image/gif
x-timestamp: 1646750312.66342
cache-control: public, max-age=180
accept-ranges: bytes
content-length: 36198
x-request-id: 5d46464b-ec8a-4a2f-9fd8-d396a2e63024

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1775462010&t=event&ni=1&_s=1&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&dp=%2Feconomia%2Fblogs%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&ul=en-us&de=UTF-8&dt=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Mobiliario%20Footer&el=footer%20-%20deslogado_gabigol%20-%20oferta%20-%20og_footer_semcookie_cnsmdr&_u=aGDAgEABAAQCAE~&jid=&gjid=&cid=1379110946.1646790368&uid=221163472121794115689&tid=UA-51216819-1&_gid=108904428.1646790368&gtm=2wg37055NG4R&cd1=%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&cd14=&cd15=&cd16=&cd17=&cd18=&cd19=&cd20=&cd21=&cd22=&cd23=&cd24=&cd25=&cd26=&cd52=1379110946.1646790368&cd77=221163472121794115689&cd78=anonymous&cd82=responsivo&z=1655532898

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 10:12:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56039
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E42F 6 KB
3 KB 22ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Mar 2022 01:46:08 GMT
expires: Thu, 09 Mar 2023 01:46:08 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 b
sb.scorecardresearch.com/ 0
334 B 8ms
8ms Image
text/plain 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1646790369978&ns_c=UTF-8&cv=3.5&c8=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&c7=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&c9=
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:09 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: QmvV-MZLiFgdsgUHoOQbT95dzogrlDf9c9ZltklAfaqc1tAgKgo6dA==
x-cache: Miss from cloudfront

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v16/ Frame 6EAB 32 KB
33 KB 36ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v16/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@300&family=PT+Serif&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buy.tinypass.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:38:15 GMT
x-content-type-options: nosniff
age: 540475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32900
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:09:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:38:15 GMT

GET
H3 200 platform-translation-map_en_US.js Show response
buy.tinypass.com/ng/common/i18n/ Frame 6EAB 60 KB
12 KB 28ms
27ms Script
application/javascript 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=14.98.1

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IMQrAIAwAwA_VBJ36mxJrkEhqxUT6_W5ux-EnpbJjEXN0foaSMzbbhrx6UT5QJRtSr0tphggJUkKJZ9-n703K1_CQJzT7AT7l-KhaAAAA?compressed=true&v=14.98.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ad17f3e4887e34b70f3ce18b89ab672b2f4d5db65237e58d704055fdc80d54c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 59293
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
wn: prod-dash-10-0-120-13
last-modified: Mon, 28 Feb 2022 17:52:22 GMT
server: cloudflare
etag: W/"61519-1646070742000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.000
cache-control: public, max-age=86400
cf-ray: 6e9022a4aeef0208-ZRH
expires: Thu, 10 Mar 2022 01:46:10 GMT

GET
H3 200 loadTranslationMap Show response
buy.tinypass.com/showtemplate/general/ Frame 6EAB 39 KB
8 KB 135ms
135ms Script
application/javascript 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=GTCopIDc5z&version=1483354452000&language=en_US

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b078017f3a5881d5c8af75f15f00b363c0c7d3e6677981eb293e296e869a85b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=GTCopIDc5z&templateId=OT1DU3B018F6&templateVariantId=OTVB1WBBQFR3G&offerId=fakeOfferId&experienceId=EXDLD7L1CTS2&iframeId=offer_f39ed6729fd5ae2251fd-0&displayMode=inline&widget=template&url=https%3A%2F%2Fblogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id: Cykfg8rDnQl
pragma
wn: prod-dash-10-0-138-59
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.002
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 6e9022a4aef00208-ZRH
expires: Wed, 9 Mar 2022 20:46:10 EST

GET
H3 200 fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 6EAB 2 KB
3 KB 25ms
24ms Image
image/png 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
cf-cache-status: HIT
age: 6367
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2177
wn: prod-dash-10-0-123-199
last-modified: Fri, 04 Mar 2022 11:52:10 GMT
server: cloudflare
etag: W/"2177-1646394730000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
server-time: 0.000
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 6e9022a4bef70208-ZRH
expires: Wed, 09 Mar 2022 03:46:10 GMT

GET
H2 200 card-interference-detector.20220308-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
3 KB 7ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/card-interference-detector.20220308-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5c64635b8d1e030b028e16cdf9b952023561d795c481cbbdba8d1f045536f54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: r.PPJF0qU3b2ANopBPtuzGn2Uv_tj238
content-encoding: gzip
etag: "a9b2b9bf25d334745ec477c0083123ec"
age: 67
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2180
x-amz-id-2: iOh/AR7cUapE3/kUyAxgzDaOpk5dt/JO88bi2RbfYwvhiHap0eMkpxWZy9Pi8iTxrZh/CMZ7oss=
x-served-by: cache-hhn4058-HHN
last-modified: Tue, 08 Mar 2022 10:34:26 GMT
server: AmazonS3
x-timer: S1646790370.061323,VS0,VE0
date: Wed, 09 Mar 2022 01:46:10 GMT
vary: Accept-Encoding
x-amz-request-id: BKEEEP3Q0G3KJX3Z
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 66
x-cache-hits: 6

GET
H2 200 json Show response
trc.taboola.com/editoraglobo-oglobo/trc/3/ 23 KB
7 KB 368ms
367ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/editoraglobo-oglobo/trc/3/json?tim=01%3A46%3A10.066&lti=deflated&data=%7B%22id%22%3A552%2C%22ii%22%3A%22%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1646738240796%2C%22vi%22%3A1646790370064%2C%22cv%22%3A%2220220308-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3947%2C%22qs%22%3A%22%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde%22%2C%22nsid%22%3A%22editoraglobonetwork%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-h%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Page%22%2C%22orig_uip%22%3A%22Below%20Page%22%2C%22cd%22%3A3115.953125%2C%22mw%22%3A1536%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A2604.953125%2C%22mw%22%3A700%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Apub%3Deditoraglobonetwork%3Aabp%3D0%2C%2CBelow%20Page%3Dthumbnails-h%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f1cf48e17ef690dc32764de885a5b9f569232a18685cf1c32576a22bc237fc9

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 361
date: Wed, 09 Mar 2022 01:46:10 GMT
content-encoding: gzip
server: nginx
x-timer: S1646790370.070174,VS0,VE361
x-served-by: cache-hhn4058-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 pmk-202010011.6.js Show response
widget.perfectmarket.com/editoraglobonetwork/ 99 KB
27 KB 10ms
6ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/editoraglobonetwork/pmk-202010011.6.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/editoraglobonetwork/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b383f17092354aea8e8598be6d4d8acb0de6a35b1f69620e85da57045197522

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: Dj133TGBylNn2devt9Fgqn4nkuTE2sRn
content-encoding: gzip
etag: "a3a81c61409dd6a1e8ba2cb105c53a4a"
age: 6073133
x-cache: HIT, HIT
content-length: 27703
x-amz-id-2: /hXUUPkGjax214+W9IPhoIb91DcgIyAcPR21KEDT3QLsugmoD2/zq7JEYbnPwWtxpBVJqxkj3Oo=
x-served-by: cache-sna10749-LGB, cache-hhn4039-HHN
last-modified: Tue, 28 Dec 2021 18:47:08 GMT
server: AmazonS3
x-timer: S1646790370.088791,VS0,VE0
date: Wed, 09 Mar 2022 01:46:10 GMT
vary: Accept-Encoding,,
x-amz-request-id: 3Q1J8VC8V668WEJV
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 2

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 3355 134 KB
36 KB 14ms
14ms Script
application/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/a9floorcheck.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: HISltcT4EtRtqxCZ_leiYbAE6TJJFUPD
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 363
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 192GJRVCA0FMYNF06KBD
date: Wed, 09 Mar 2022 01:40:26 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: mkANRMf3lZBxDcmTKqKj3O4OAo5uqHonRnYmkgZTWd41FdYy--B3aA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 13D1 385 B
736 B 14ms
13ms XHR
application/json 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fblogs.oglobo.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: Server /
Resource Hash: bbc029f1d997ab0fa9fc1499f94fb93f83b350470966b2227c6b761b282e527c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 00:43:41 GMT
via: 1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
server: Server
age: 3748
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-length: 385
x-amz-cf-id: lZTD6Wv50Vauy3DcPjp7fn14fyQPmBo33as_rKhg50JkzPkHsT7HGw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 13D1 6 KB
3 KB 13ms
12ms XHR
application/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: SUwxoOFVf.oGi397tNuwFzfmo0lFzuJd
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 60591
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 02 Mar 2022 02:09:50 GMT
server: AmazonS3
date: Tue, 08 Mar 2022 08:56:20 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 bdba42cf1410fb617eeb4ffd3e0b9cb6.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: lwNE0cyAna7Ua87Q3YR93jSPNSjWj6-IvAmVAezY94zzwF_9MGiEQQ==

POST
H2 204 bulk-metrics Show response
trc-events.taboola.com/editoraglobo-oglobo/log/3/ 0
251 B 48ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/editoraglobo-oglobo/log/3/bulk-metrics?lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://blogs.oglobo.globo.com
pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8918 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?L807sQ
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 container.html Show response
61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F902 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Mar 2022 01:46:08 GMT
expires: Thu, 09 Mar 2023 01:46:08 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 23ms
7ms Preflight 18.194.221.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.221.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-221-238.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://blogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
content-length: 0
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH

POST
H2 202 event Show response
prebid-a.rubiconproject.com/ 61 B
236 B 8ms
8ms XHR
application/json 18.194.221.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.221.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-221-238.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 09 Mar 2022 01:46:10 GMT
content-length: 61
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8

GET
H2 204 debug
trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 19ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A10.061&type=info&msg=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&llvl=2&id=7498&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=1&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12667

GET
H2 204 debug
trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 19ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A10.062&type=info&msg=%7B%22mode%22%3A%22rec-reel-3n4-a%22%2C%22container%22%3A%22taboola-recommendation-reel%22%2C%22placement%22%3A%22Recommendation%20Reel%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=8717&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=2&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12667

GET
H2 204 debug
trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 18ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A10.062&type=error&msg=Didn%27t%20manage%20to%20find%20TRC%20container%20for%20R-Box%20with%20ID%20taboola-recommendation-reel%20(retry%3D1)%20(Document%20is%20Ready)!&llvl=2&id=3912&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=3&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12667

GET
H2 204 debug
trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
90 B 17ms
12ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A10.062&type=error&msg=Invalid%20container%20provided%20for%20request%20Recommendation%20Reel%20(null)!&llvl=2&id=40&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=4&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12667

GET
H2 204 debug
trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 15ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A10.062&type=info&msg=%7B%22mode%22%3A%22thumbnails-h%22%2C%22container%22%3A%22taboola-below-page%22%2C%22placement%22%3A%22Below%20Page%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=9306&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=5&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12662

GET
H2 204 debug
trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 16ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A10.062&type=info&msg=%7B%22mode%22%3A%22thumbnails-a%22%2C%22container%22%3A%22taboola-below-article-thumbnails%22%2C%22placement%22%3A%22Below%20Article%20Thumbnails%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=4327&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=6&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12662

GET
H2 204 debug
trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 16ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A10.065&type=info&msg=Below%20Page%20thumbnails-h&llvl=2&id=3480&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=7&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12662

GET
H2 204 debug
trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 16ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A10.066&type=info&msg=Below%20Article%20Thumbnails%20thumbnails-a&llvl=2&id=1182&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=8&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12662

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5895 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GxOU9A
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 13D1 23 B
526 B 16ms
16ms XHR
application/json 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.3
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 8dc72bb80886343da72db26e5fb275177b33403eedb2d821ac1cf615737f0fbe

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 09 Mar 2022 01:46:10 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 23

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 13D1 19 B
871 B 14ms
14ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:10 GMT
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 29a67dee-1f6f-4801-a09c-d6e5afce3234
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 13D1 0
65 B 41ms
40ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://blogs.oglobo.globo.com
date: Wed, 09 Mar 2022 01:46:09 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 13D1 407 B
870 B 93ms
93ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1780802&size_id=2&rp_schain=1.0,1!hcodemedia.com,288,1,,,&rf=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&kw=%2F138871148%2Foglobo.globo.com.dw.728x90.inter&tg_i.adunit=oglobo.globo.com.dw.728x90.inter&tg_i.pbadslot=138871148%2Foglobo.globo.com.dw.728x90.inter&tg_i.dfp_ad_unit_code=138871148%2Foglobo.globo.com.dw.728x90.inter&tk_flint=pbjs_lite_v4.43.3&x_source.tid=b6d9a32a-2e86-4db2-81d3-6ae3cce20fc6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7646599454348852
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: c3d45bff1d3bf332043aac55e460a8622e73a7a729ec5e623975a0772b022fba

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:10 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 407
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
DATA 200
OK truncated
/ Frame 13D1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72690e465ac704e4eb36d2eae17c65b806ef57a051205d9ec07e24e3f16555a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 13D1 0
0 42ms
41ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpbdbaAfbKuKtzeXC1oIrZbVejuX-Ekw1u65v_OBb6RiLy0Su9btBhjea_Jw4mgU4zJB0p2qlH9tFbeMXasqPj5LdcVAZQykeuUDwbU9Aw6vqNKGSRoHuo7XpuxiHcbAL9Q4wQtRvoyNPT6CKV10XhUBxNEQS8zkx4E8fkv44nCCrptjgNIMgv4X9zkRdJnMy7vor3soBFYKi4lFGx2CPZE1IRnoTNIwjtM833i6Yvt6CJnrKGV0cps0JE3-EejdiHXk8q45TMj2HLgmnen8hMcSlTEAsdIf_edbAEJI4QiVOPCiUI5WnJp7mYFhHB-uCvC7a4-7v-L9Tby56LP2EMimGSGlpW&sig=Cg0ArKJSzDElfMHAMsRgEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 09 Mar 2022 01:46:10 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 13D1 38 KB
11 KB 9ms
9ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

cbbd5676d9c7345483787d39fb83cb6880b4ee7d114e53f5b3df9b217af5f72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Wed, 09 Mar 2022 01:22:09 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 10644
x-request-id: 260278478

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220303/r20110914/ Frame E42F 19 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220303/r20110914/abg_lite_fy2019.js

Requested by

Host: 61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
URL: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1805
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7872
x-xss-protection: 0
server: cafe
etag: 15461303091586157378
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 01:16:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E42F 8 KB
714 B 34ms
19ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
URL: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 01:34:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 09 Mar 2022 01:46:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Mar 2022 01:46:10 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame E42F 14 KB
3 KB 31ms
6ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.css

Requested by

Host: 61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
URL: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 13:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131782
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Mar 2023 13:09:48 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/ Frame E42F 355 KB
123 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Requested by

Host: 61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
URL: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425d7478422a02b8592686dd947b18cae0ca66ab39dc437067219356fb7a0a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 13:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131782
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125995
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 10:36:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Mar 2023 13:09:48 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/ Frame E42F 15 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
URL: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1864
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 01:15:06 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 3355 385 B
737 B 13ms
13ms XHR
application/json 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fblogs.oglobo.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: Server /
Resource Hash: bbc029f1d997ab0fa9fc1499f94fb93f83b350470966b2227c6b761b282e527c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 00:43:41 GMT
via: 1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
server: Server
age: 3748
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: AMS1-C1
content-length: 385
x-amz-cf-id: 0xV3Me3qQrxV8TzTGgGGCJfuDV0iY6zXvxyvjbIgpiNEiFoiNmHk5g==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 3355 6 KB
3 KB 13ms
12ms XHR
application/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.79.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-79-193.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: SUwxoOFVf.oGi397tNuwFzfmo0lFzuJd
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 60591
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 02 Mar 2022 02:09:50 GMT
server: AmazonS3
date: Tue, 08 Mar 2022 08:56:20 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 bdba42cf1410fb617eeb4ffd3e0b9cb6.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: Cs75WXwyUVDX346EH77vZqVe9ma2qA6kRVRP7mOZ4S0riyZYmBgDDg==

GET
H2 200 stream.48fcab9847bb8f1bdf1cbf7c6c22b202.css
s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/css/ Frame 188C 229 KB
46 KB 228ms
227ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/css/stream.48fcab9847bb8f1bdf1cbf7c6c22b202.css
Requested by: Host: oglobo.comentarios.globo.com
URL: https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&v=6.7.1&ts=1646790300000&initialWidth=700&childId=box-comments&parentTitle=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 863abab1fd939484df7f84b8575be30ff20803e87181e7bbe58af326f26c88ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oglobo.comentarios.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
content-encoding: gzip
x-openstack-request-id: txf3359ebb644b45dcb42a8-0061e45ac3
last-modified: Thu, 28 Jan 2021 18:09:30 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1611856603.000000
x-timestamp: 1611857369.24525
cache-control: public, max-age=5184000
content-type: text/css
x-trans-id: txf3359ebb644b45dcb42a8-0061e45ac3
x-request-id: 859bf51b-68dd-497f-9f05-8ba547014566

GET
H2 200 style.css
s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk-styles/2.2.1/ Frame 188C 20 KB
4 KB 243ms
242ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk-styles/2.2.1/style.css
Requested by: Host: oglobo.comentarios.globo.com
URL: https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&v=6.7.1&ts=1646790300000&initialWidth=700&childId=box-comments&parentTitle=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: a2af5a592426fd686a4cc64be457646d6e304ecc47abbfc0e275817a222cd72e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oglobo.comentarios.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
content-encoding: gzip
x-openstack-request-id: tx2b079a81f1344e8a9d069-006228068f
last-modified: Tue, 23 Feb 2021 13:42:43 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1614087762.28886
cache-control: public, max-age=180
x-trans-id: tx2b079a81f1344e8a9d069-006228068f
x-request-id: 0fba08a9-24fa-46a6-b5f3-97e2085a6ebf

GET
H2 200 vendors~account~admin~auth~install~stream.fed0baa2de5aacf2dc8768b3dc3f5563.chunk.js Show response
s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/ Frame 188C 961 KB
328 KB 244ms
243ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/vendors~account~admin~auth~install~stream.fed0baa2de5aacf2dc8768b3dc3f5563.chunk.js
Requested by: Host: oglobo.comentarios.globo.com
URL: https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&v=6.7.1&ts=1646790300000&initialWidth=700&childId=box-comments&parentTitle=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 6a2bd3dbb70547af90e996b9e9d76cea0df3f1d41149d0428d7ddae5e1c3a6f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oglobo.comentarios.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
content-encoding: gzip
x-openstack-request-id: tx1cfab3f7aeb14c67bc702-0061e45ac3
last-modified: Thu, 28 Jan 2021 18:10:09 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1611856603.000000
x-timestamp: 1611857408.49511
cache-control: public, max-age=5184000
content-type: application/javascript
x-trans-id: tx1cfab3f7aeb14c67bc702-0061e45ac3
x-request-id: 3e64936b-772c-4ad6-a88e-21afc3dbf4c2

GET
H2 200 vendors~admin~install~stream.8ea2a970d6ce93d9bef1b637c8faae6e.chunk.js Show response
s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/ Frame 188C 46 KB
16 KB 458ms
457ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/vendors~admin~install~stream.8ea2a970d6ce93d9bef1b637c8faae6e.chunk.js
Requested by: Host: oglobo.comentarios.globo.com
URL: https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&v=6.7.1&ts=1646790300000&initialWidth=700&childId=box-comments&parentTitle=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 33880cb6848e07fbd0897cfb1868fda7ae729af8da8f3d35e11f578f3e37a599

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oglobo.comentarios.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
content-encoding: gzip
x-openstack-request-id: txa05dd0b2c3ee40599a79d-0061e45ac3
last-modified: Thu, 28 Jan 2021 18:10:09 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1611856603.000000
x-timestamp: 1611857408.60081
cache-control: public, max-age=5184000
content-type: application/javascript
x-trans-id: txa05dd0b2c3ee40599a79d-0061e45ac3
x-request-id: 7d112df5-d0f4-4a73-ba01-bd98306f10fe

GET
H2 200 stream.ec444b2b9e0c4eb0951e37cf1147f9dd.js Show response
s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/ Frame 188C 1 MB
397 KB 458ms
458ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/stream.ec444b2b9e0c4eb0951e37cf1147f9dd.js
Requested by: Host: oglobo.comentarios.globo.com
URL: https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&v=6.7.1&ts=1646790300000&initialWidth=700&childId=box-comments&parentTitle=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 0e26ade64b35613f7f287948f47be3d9381a2b50959a8d9fb88ceeab6437b8a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oglobo.comentarios.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
content-encoding: gzip
x-openstack-request-id: tx01b15c770bab4c0588ebd-0061e45ac3
last-modified: Thu, 28 Jan 2021 18:10:09 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1611856603.000000
x-timestamp: 1611857408.26862
cache-control: public, max-age=5184000
content-type: application/javascript
x-trans-id: tx01b15c770bab4c0588ebd-0061e45ac3
x-request-id: 10faa619-31f5-431e-a662-adeede7daaf8

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 3355 38 KB
11 KB 9ms
9ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

cbbd5676d9c7345483787d39fb83cb6880b4ee7d114e53f5b3df9b217af5f72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Wed, 09 Mar 2022 01:22:09 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 10644
x-request-id: 260278478

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 13D1 23 B
496 B 45ms
45ms XHR
text/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&pid=sao1s1NVDeaeR&cb=0&ws=728x90&v=7.73.0&t=1000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Foglobo.globo.com.dw.728x90.inter%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.79.193 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
via: 1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-C1
x-amz-rid: AC03B560PNAFDRCMWP0F
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: OgFFgztzMQEliWDvTGF9NswKuq8VeefkdIk5GtTD8idVWXmwHU0Whw==

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BF4A 624 B
297 B 33ms
18ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO67DRD40Y2QAxjV-PPCATAB&v=APEucNWT2l3q9Ehg8yMNM9xEE3fCECQwXysyKat63raMXpmpckVK4onTY7bflKJHXv3TZ_PevKYb5hkNXj4JCHfwT8p0wLFfy9xgpb5ZEgepFP0qw0MFt8CZgnBBCXVX6gNPPLh1anhHosDAtGHJWDAQSmPjXUf93j8dObpp1KJqgOSxNM4Xaa4

Requested by

Host: 61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
URL: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 09 Mar 2022 01:46:10 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F902 75 KB
32 KB 65ms
52ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJYBlKah-lm-zP0fsGhTA-axg6Cr_NHNMC4sZAc6TeTgd4Axy-3beVuYgVZErMMnjMwtmbHZQomaWRL9q-IhIcrLiS6Gk7BQY-Q38amB-Ajc_o82IULPL2fz0Fbs3briR73uaz9beQTwxg7sXQeHo8FajDKQ&dbm_d=AKAmf-BqaRaBFIhDJd6aIeMY8bjgjb6nMHkf1JLNI-UoBlGg2D3PbmCgXeD92mmXLYjQLsmgUx4GNG7DITHqm_dPqjSSy8o2quiRwqk0eun0w1x0GS2vlpv3NDhSHxEM_9dOcMvJIkTLGuZxSmwvTJInU71pfy1ToKTUNF6Fmxxbf4GHGnXgw-snD0e-g94nqYpC1SGyhKbyueU8yq_Itwod-rdu6H5ag6LkvPQzhbbv6p2kQqv4si30tw8p4f4w0e9BxoloAIiUih44V-QSSljoT6C_J4gM1MmwE_QJpwqoBWagqBfiU8GlNdbQSeDJqNMWqmzEBkFEcB5PzwsiU2EACjlFhly-ENZXkYVlrA-yK4GJkwrGANupjnhTGd58Rf0YG17mJByLTs59QYQjCOt280x-WOP3oHq7eDWRGGyCUCmZhXM00TfjjQZT9P1Oun4GzBl9oDLlcG2kGBhKtmP6I-kVuGVrnWBwSPAhNrB4kDv6mJTrWknEjg8JwY_mK-KP01yfShLYdBvF35tfaosAgeJUyJcHrrJNmL-ztxNVhYi145tLhHuIDs7csN7JdLKBberIrajFyyXaTrbqpcAbQBdx0m8-e4vWhyMVoILRvahynv2u_bmyTcFducYZLRBWVxKBD_KbfGdcE1ZA5N8NRoFyG_hH1gu37gdzETSWN6XcSZDixgXE5fQeWKWklN18T_uiBebTBFQS6ok-E7pFV3kbRcmAdQ8xh7pKozOHqzjPlnFj3-7WZtcbu-PjMaRV9F5nIfgFuUTvDBwIyyQRpgDyQ7EWHHDGr_0dhf1v1nSYKSgW4gTnRZCFgYV6NDPO0P5GTraV9tKp_6S3gG1zAKm4Oq3fgPeZllFJSCbSg6tmfSbJGy7vO-qiIku3MTsT1mQOyQplQEaXSzC7zThWMtvbaZWIYBeOgsKKPkqoXj3Dxaj6IfOB3vQ-KaFpaQcISKAJo5AGp8xl0Cp-jkaoNyW03n6HQU8NdBvnQ2gSwdgl39AXEHGz6WJBCW2HWGp9pJsm__f58Xk4f7mP40Jxwm6Ua9g6qtAG-nhxnZgsk3xJjZmbjnLAvdOxq2ja-qUvC7FdwBh-go38ifSNBxS4T-NhH3XHjM1VfSHWakUhWPFtpMA-T0HgbwedGXCqYrDTB7RpDAtIEjX-by7OU5KnWYbUymaB5Hfpg4G46SOxJRavZhjKUqoHwQ21xJcg41HYIbGWdajuMx07C-TWni4QcWPGrOrAPtxuO50zvma1sr38XRZRQDXldXXDRFHWrbyoWMX-DylBKStdnDLQFSC7aMN15d-_WLdENMehS0grzrHX1-dT0idM-qDlCpjTtg9fD9yZ3xAR5FEK9SI7IQ62dv2Do0LdVByUInCC2h4LetlF25QQjYt-Rp_1330eZgzv_mfRlmg9_7cRZ95IqXeTs1ssQwIxyMu1pal2NAJlbXf-j9lHUq00HzpLz3BJSmDyvos8iMs-idEKGTR764KfagJNIxJehmN-KmgbNAATLiAy9beBHP9ASOTc5JgB5PNOvPJuZ2aLzM0GM_ymiM8Gms-ouDt1wCtrM3W-3UebRnKf6qZasGtD1DN0WvgvUiSmOsZnxDdyPItwyYrOo41tDB2qijIRon9FJ94IacECRAzhq3V9aFUo8aRnctqjfywTAW2Hx64AZ58fAiy8PmhY6UtNC0BeHyamkJSGWrszNxd4EkRVNA6DInEZpdlrFCYLKbJ9tCHdIgsvYGKq3N4VJzWq1v5xquQqyxlKcengSAdIXDwtlknCd5KhkdWzwC2MfZT7KHLqEihYMkXC9xXn6WO_aV3HJoEpl0i8GXtrB-BcHPaSQBcH_nDEj26kUxVyCwIAHbI4aOLJRgL9dpPFciJGKIi94lkkYT2lvt6guXObuICkSimly0VKzyYODA1V7sJbYO2ypp7-4jysWtoicDCEa107khl3EJViAr73owRmo8iqxxpIedGFjDAg366bpx_uxTD4gBUXWKVliCXx5zEp14iw2WHMhrAiR5ny3E425CaSf3j1MlW7r869ASgcxX7hHYf0qKlJgDoERg2m9b3swzH94yu-Z4mA4DZ_B32p7dgSoketYgzYUKB3m6UuqD2s_xmw96TNdUyMTJyH-AhXNoZy0P_h1VX5TtWwpDcd807PaNfBWKe2wReUd2sWpTxErbt2euIeqBylxDOftv713DNc53g8FFGV8ClpTdA122bWQ6j2svUHG69-z8ciu8_CDXzsy8lYlKxqUeyAsWhe_9O9y_uuRYSb4a965hj4ivYJtgR4k4YkYsfHi94aX-A0mRmkvgZlLcMv6Q7WKjVTMGncQsg8eTvjr9ILmpiW3MUzud34KNMWm39-yGxpeaxgwqyO4fqoBtJuFK9KuEA8e_X39sUPNiNSXnKn65XeMDdp6UcffP1fRYlSyujyYxNBPO8S99WBzE1uFSEZCGx4exOzYTaEcEwkhisw22z5d_HTM8QxOHoOVPr8jr3hSGB5VmY6rq1L6mFzBR12yx_ukNYJe-lNtbfM_JvtSVmy8QMvPhQ__nuc93yXfz9_c5e8tNtuc3NmJMKkoBYLHcFDoYmBdgXngEWx6IvDoi14OUUKl-bcOMOajVlCrqXIA2XvuoYJCnjvVIBXHxoZ62Bb_PJn7K8StABpVN_724dINHYg0lFMPBhb-QkR3dRmqKGQmOV6Eu6KFoumVw47GFRa4w1-OfvmCe458_L80qwlSTr9LvKWSPoK6szAVOa-7k2lNVTTecLWRXXjFNl0GbAmZMRLcGQ4DAZQOIK4dwUMdO36dekr_acStltd369ZeYUWvzfu3pXdf3mVUFDk91qHVOOhM1Od7x6EkzaifJbCn-viXeF2dR7l6qGhUwtN-fudr_vsr5g2c59hfRIcBmgDdKHtxs8UVwr3FSlJsBWKJZEuGEfE9Gjb_uJ4k-5bzCySUyeTsmnKLBx8MG4-mUcygM-tSZAbiQDp9Uq-MrLs3yWAPTJdOMObwr5wRrIlEMl3oXIJDT1rRBW_Al8JVsIsz3guc-xViOw-wCWVh74d00l3Ue5ywQ4-dJDAgC7Lbtkk5DvB1yRFE5r9iCq7PQqyg0wQT6elMVFaZD7BnB_11F4a0kkEV9Vtb4-tY9BdKuDQ0B6wL4SWjnxzydNUP_QufrGFWPcSlc3f0UnoPY0o0MIJOCyYS5nvabFn3zl9lmZnkMwdD3EO5PrE4xcaOQGcvp5rfJZR26GtHzKql1YQvr9ebNESReLZydIiroyCALJusUhdgYEpYOCU1ZWr-9blZjRLPR9FEeMfXcJRFcCooPH4ENM_LK4zPlWgQB0r2nXEocUanOGsCbCuXKi7NMaoQOqY4IovLkm2MgS9Fme3_hkIsz8cMUpVOQjaFZXoGcpjY5ez22887T7Nzo6evSSRAVZXOP0nplhOr0xFls1FT6SXauw5vWlEwHQFC8hWIydiSiLuPvfLoIgQIfCFhWjHchGF2-JTpxYE7CvctA33N1cn-bk&cid=CAASJORo4cuMPB86eBVxrtSOXtKTsaINoxry6MojFIGB1Dcpmmu_Vw&rfl=1%2Chttps%253A%252F%252Fblogs.oglobo.globo.com%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4647e846aadf2b660000b41229ad1e6d3fbd1e56a61cb672908cf9e29c002536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32620
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F902 42 B
63 B 39ms
39ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DJLb599Sncnj55gcUAV01zmZMNAwZDHRLw0351FCu56-uVk5ProcmcYPmLHAS2_kPw2cSVbURmu5ZAWSIEz0DpGL4ffcHYYOxI598EtpsTa5K86VI

Requested by

Host: 61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
URL: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/ Frame F902 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/window_focus_fy2019.js

Requested by

Host: 61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
URL: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:23:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 01:23:13 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F902 124 KB
38 KB 22ms
22ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
URL: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d55a162ebc22d9db98873e0ecf0c76c634df66a6045ea1cab8a4d0b77c607985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38802
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646656195544221"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 09 Mar 2022 01:46:10 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/ Frame F902 15 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
URL: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1864
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 01:15:06 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A565 42 B
64 B 54ms
39ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuXU9BKkN8qqAcq8etTEAvs4X6LN_nGdBPMmwhO3OdivrKOEKwj6R2CRFVq4Rel3SSgjQK94PZstR3oFUSVjhuoV0RUTtOKFjqt5PvVGkSmp7zg2TUt&sig=Cg0ArKJSzFXqujT3tVkHEAE&id=lidar2&mcvt=1013&p=418,436,508,1164&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20220307&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1196243219&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646790368784&rpt=516&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E42F 0
327 B 33ms
13ms Ping
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l0iwgu1r&c=7315070300736&slotId=3657535150368&qqid=CI73hpj0t_YCFdGydwod6UcNkg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame E42F 15 KB
15 KB 24ms
9ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 546591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 17:56:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame E42F 15 KB
15 KB 17ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 09:48:03 GMT
x-content-type-options: nosniff
age: 403087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 04 Mar 2023 09:48:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E42F 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C1OKP4QYoYs6CLNHl3gPpj7WQCfTSjudolJiEq9oP6Kq2lYsDEAEgl5f4IGCVgqCCsAegAdPM988ByAEFqQLtqjbYdUuyPqgDAcgDmwSqBIICT9D-6QKm9T85otJ57VQMLUnKexyeRk3Lv1VKumOoBthS1j70Zfxg_xLqhyw2wfALr4_4frJKBv0T48EpF3YFTqFsZfAFOpVZGpyEfDSiCxdc0TuZrtZSoKIdTzMIKCPFj_KXsuXUx9sBF1y8E25yM7buGDm9hLWkzlrgq8DdMyAcka_JUKH6MC5Rrt-ZxZDLSZ2ECzBfTpFN-bpq1TkrFmpuevuDJCPr1G_W0EFL1aDIzo0YYp0eIHxgQC1gz0lZuZEKXU7bL96VPdST_6O7cBgowZkQq6l3f4P7nKvaoxMptY3Kd3tGnpkSV1oG8vobmElgXemIl4Q87VGph9gPDpXLwATt4_W-4wPgBAOQBgGgBnaAB5WziLACqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDyAsB4AsBgAwBsBPE0K8O0BMA2BMNiBQE2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1646790370345&ai=C1OKP4QYoYs6CLNHl3gPpj7WQCfTSjudolJiEq9oP6Kq2lYsDEAEgl5f4IGCVgqCCsAegAdPM988ByAEFqQLtqjbYdUuyPqgDAcgDmwSqBIICT9D-6QKm9T85otJ57VQMLUnKexyeRk3Lv1VKumOoBthS1j70Zfxg_xLqhyw2wfALr4_4frJKBv0T48EpF3YFTqFsZfAFOpVZGpyEfDSiCxdc0TuZrtZSoKIdTzMIKCPFj_KXsuXUx9sBF1y8E25yM7buGDm9hLWkzlrgq8DdMyAcka_JUKH6MC5Rrt-ZxZDLSZ2ECzBfTpFN-bpq1TkrFmpuevuDJCPr1G_W0EFL1aDIzo0YYp0eIHxgQC1gz0lZuZEKXU7bL96VPdST_6O7cBgowZkQq6l3f4P7nKvaoxMptY3Kd3tGnpkSV1oG8vobmElgXemIl4Q87VGph9gPDpXLwATt4_W-4wPgBAOQBgGgBnaAB5WziLACqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDyAsB4AsBgAwBsBPE0K8O0BMA2BMNiBQE2BQB0BUB-BYBgBcB

Requested by

Host: 61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
URL: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame E42F 28 KB
16 KB 93ms
53ms XHR
text/xml 74.125.140.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Cn_kYl1j2C_kEPij5vKZApa2TENRY1clwQjLGS9XIecOqqTFEBTkDQmGFBoAnr676ouYY8DyYOeuaHTdsWYTySUAheiA&cry=1&dbm_d=AKAmf-BRQ5Scu5rgH2TSc-6XstemjK0xX6j8Qxj0GL443rzRU4KwUHibDBW8xqsfcrsiifFlf00wC7XGeu3mavorBNy6sIvSTI3TeYGPqiAu_8qMGXCzlXKjOvqS5y9D6X1bxSmnquMy6KkbgpL5VRN6p6I6bmHKoSjXY7G9Eu8ubJcTFucZjTEWbTdWSmBYocOQ21dlL3pLkSrGBU5TGVljUTa831dwSFtQHyTTUl6HgFhSZs5RzR2-R97-RFULdjsqaI1fhYIH7bKw9x9xBpRADH6QRfYIkIBbSi3_YqcFWRLsTQ5EfZdp-ZyGdwRfrwQGDagiOGf5e0XdB1puZQqXhXcJLqTeB2gIkSo8HDE7ASOW4tOhKpEXRza15sEBbW_BR022TGCb-DN6E4KTg4emU8ALrUvnD3IsjR7-vgOFM3HENO0S3e4gV3DndgiXNWYSbxaJBYnFRp43WssTyxZVV7GEbn0gxjLmwxIGOsuv0opjeRHOfaBsMfGkFhKsykYFfXbjvrZT4mSJQhK1uL6dRz8vRq4-imK3_h75q8ddrEj24JwzxMC8xvwCjv5VNh1ktS_uOZNZSmDiyjJBzdrING04_Lav6vnhYs3fRVX3QSe4ZEK4o5-3Lg1bbeq15AZYnSzdGD-60BOc4Shx7uFxQ51DMSBBktuFxD2rYOU6y0qYMP75nWdinxWYLMf8dr3mV5RxquUmIt6mxLMKz8zqduDN_nMb1BWst23x_Na8D8sRSJWKwMa7LXU6c_1zonyz0w6nf4eFnwBZ0ZBLygRwqxIiB5w8eREwvcLY0F3nI-gYdRfhr1Y-fPpiEUX_qnbm8qSivnw_t9dg5tZbVgDs1Lg0yii24pYZ0rLRuGHO0FSj74xnx-9kwDRf2LwfsVm4_4CUbH3EPcpXJ3Z-tlkaAIAvGG_SKptE_JgeZp-WOnjhBJp2gr-nAd7_PNITSR9HsSoIOR6JwJwDyhEOdEbJ16qLta5NmEnJihxoH-O2ldhfVEZePWaGElxYHR1u1OEs9LuCJRi0d1__ejokCiBr8-e2bMXZKXscND-Je62b1woltjG-UgU-NW5YFn-ZlXsNAJUl_ZiwHiWLv1VIt6Wz0m1j-1l1l59UZV8DjHjN1JdfKFcaPCQTg4Zboxi7Ix0ACdez8_uW6KX-vDgE2SBMw1QGCfZC6kDXCZbZEqjMurEVY3wPR7qIwVasZPAP9Za7KSWUV_8wEwpcZVMN0z_qE7KVIXKJYGmKK6f_Rqu66tOEMSwEaLLuq1L-j3qyq3o0JJYAAcRbzslvyssoDGkgSg1a0SKi3sLbzhII3KUIslN_GI8Fay72mWDFxgztHZD4HqPFMrr66IQS7A4qQg5GIkfpJT02srBRekjBYCPiWXHGAKUYUgkwT8hnz6uLsgc1utj4WpU4Vvt2AuHwCy3zP0hork9qnTrngoB25NSbhoxAo0vmoj10NiqaVtUkTjh_jqE_2KALFaigWlpPdE99rtOcWRydd8tvFIMnAuvNFw1qHZtxWh0PmvvjmI-6qiifSPmtpdrR5WSs5vccAuogfPBYZ3EEMChR_YcYY1b3GIcBerhxI4l4ZObBnnExpyRiK9fUS9Gfkp9joi0HuhpAYeYuVhWM168hTeKyD2bGaeCgP5bcEysvpa274Z4q3D66_k0ksHrZCMUndhgThBPIgF8IkA-g75t89kMdPlcqO35KkIyStltQzhl85ixW7fBa6cuyBKuC_MWbZdG80NwSzEY1fU2aIQB0d3dI8wDIY1hbB25MjWDm2Tzif3lmkfTiVfpAu8luMwq_JTpnh2KVY0FqhvQbGwmV9BQPMY-1xlZeCE4czqHuja2SEiE_0Py2RlF0_SRm8pIPwI5_PJE2IqlcgE-q9ba5wWDgkWbccYre1KX6zWb8e6LRBr0XwCv8cMeiHwX95CbB8k__vQMahaejoBZbwf4siVaxqDIbc8o59KFMcY9yWPX_MJErou87mt91Gk18uOr1nqpfBsTVpkSKHKRYgnPsUV5hcPaU03fNuCH3mDuruNnM9DEu1ZKOJC_q0UbnNGrRq3jpdqayugPHCjmQHA8P9LJih4AlWqzSpw4G3CZ5toZzU5ll0YrFLS29Uw4xTrnZkxJ2L1wG6mtzwqyLJSzg9fNgZDeCv-PAHXtyj87PYUt5gznDRGjUMcV-CVt8hBbLNwp9j8gooI16DVotrNYCQqbZl8EOnCEWGAKrZ360lq5dkRiOQ2M-hnvJxofvouoDkufDHeZWSFfSC9FYSuQvi6c9gUwnsh9KIUm7CZe1Y8RGnzfliYWHL3SFTSilCpmlefuqEzcHAzQOr0Jt1TT0D9RkYvEu5IFWesLz5ubQhqH5fmC3evdScgcleIeDQsVANvevzI5wmoiFB6MD_LIAjcgDJQnHqCRIdKGuHrSOivaxtVEhLk5AOjS-Bg9nA9kYlz6GIX8jP7Kr_v3D0YZS5p3Eoc-O__JsciP98HFUfQ_RYdzuan3gDKEoFesdyWrGcc5YY_C5A5KuJQvhs9QJSJu0mqO3A6bqjHi8B4vJPaaTjb5jKynRVeqY9HNOn7kTnx13V4JLoAxSSkvYGkvLrHL5Q974eHhEHKxIbGPGQOsqGgmntcskL1puG8ZNbaZfcuyfWDreU1ihyLMwe7hTTtxAE8_QF-0Hh8sZNIarxzHGqKt_G6YHwWWI664S07feWcFJfUiIVEntoiyYC6cx6mPUW3OFMopcSN0maEpae8KUSxc2wzcyyPAAZ01i5gaGQKo84pDrVwQpNqq3gpdyCCnwG_sk6UJedQBcHmMYRMOgsD9PqUeV2LQa7BdXz84m1co456jgQ6n9l_acI-KKqe_-HrJZIpJnOjvDpvmomT9LXeVg-5CKgiuTtuQ5GN5cW840rPCapPAg4TEnPC8CZVfDysNMxJkEE9VV5fuzh7ZYyRcYIKtOQ_k-6Kh0M1HGhWT05YgXmgI2wn_LAyjexh-dslmJfF17nS2urGt85MICNvShDuIa6nuHG_c6PJVYesAVfa2chbxcAEk6NotZ7KBsXb4FBMSx-AxgWFkI1l9aYXr89AQqA1B4S-H0Tn9YLb3q5IkMZzkYB0zaladl-YizG3y1GCsJPkWkdXSxN9wFbpENySk3VH-lgqe6jMZ0bEJsxJb_xse4QFjBFl7gCQozclCb_dUlp8OV0CUXKAya6ZvFWwZvRuWiic4EujSSWX-BMpCvrzxyPadZjpGD7Q2iKRC2mwoITBzaRZrWMoaYBGJ7aFGUuO-inmGYJCt0hc8OV9PnPuYdLbuwp8cyxMe122T5sERWZb3t-17MLfFE1TH-GVzIdC1N_Bq614phicKrCrK7jj9MiKwD0pv77DfXWLwZ_dV1cwuFAyjQKiqYtItbKRQ8JdF34hj4QVdzpdXtAt_iPriHDsBtAF2zfG3-YGdLC8SFCqN2nMoCSuyRVojI0mDqBrbwtk6e6PKoK-WEMQDP8EprQNERn3Vacbo-LkC6HnpYtqbwxyUsWacDY4Be2JYYBeM2BAelHR1XHMnuhTLM6ih3SoPMXifxYJm8YQBW_O5CfugfZymkRYn6CJGe3MvO8ln4Jtfun1PwjD7wv2boD4dw4iLrSsf7vN6dg4I8yeh9ObQYAU54-rMApv2lJhtJXRwbTBBDxrGEAqbS9enXUjxxaSt7SQD3K2gBc0z8sWN2uAwPFpBNu8Bktx6MQajlsjNtqNh8Tbp7Dm_xusSiFvkVhiizlH2JbCi3UGl_Ulh0U8A56H7jUynlX3JGnpnPGUFhg_E1BRLKQYD-BC34IX8QadAwbKAfciJmmMJDZQSspKrV6WI&cid=CAASJORo8NP7p-bvL8iWuUdtY5KaTkaPwU9yvvxbxkCmS2eTOCBJKA&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f157.1e100.net

Software

cafe /

Resource Hash

953f23f2a869d10123c3fe186f7995e0f6092c7afd79ba032d71d98b0bad6d2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15702
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E42F 0
0 45ms
44ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C0ocU4QYoYs6CLNHl3gPpj7WQCfTSjudolJiEq9oP6Kq2lYsDEAEgl5f4IGCVgqCCsAegAdPM988ByAEFqQLtqjbYdUuyPqgDAaoE_wFP0P7pAqb1Pzmi0nntVAwtScp7HJ5GTcu_VUq6Y6gG2FLWPvRl_GD_EuqHLDbB8Auvj_h-skoG_RPjwSkXdgVOoWxl8AU6lVkanIR8NKILF1zRO5mu1lKgoh1PMwgoI8WP8pey5dTH2wEXXLwTbnIztu4YOb2EtaTOWuCrwN0zIByRr8lQofowLlGu35nFkMtJnYQLMF9OkU35umrVOSsWam56-4MkI-vUb9bQQUvVoMjOjRhinR4gfGBALWDPSVm5kQpdFtqdtJ0XNKFtAyWPF5w-49gYi7vMuDka6xsNITW_McBeY5FMMjCby_Pn1ANWkv4dKCwZkhD18wJg17vABO3j9b7jA-AEA4gFoL659TuSBQYIAxABGAGSBQYIGxACGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB5WziLACqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQraJOGPCY98EB0ggJCIDhgBAQARgdgAoDyAsBsBPE0K8OyBONlafeA9ATANgTDYgUBNgUAdAVAYAXAbIXHgocCAASFHB1Yi04ODI4NTg3MTQ5NDczNDM3GOHzIA&sigh=3aWISCbxiF0&uach_m=[UACH]&cid=CAQSOwCNIrLM06hkOX22tUOH6Mt5Wv1di1eXT1bjvwgSX_prkOejoHcCZCPo8Hg4WnUkHc6dk2s8i15VFlTF&vt=10
Requested by: Host: 61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
URL: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 631B 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
URL: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Tue, 08 Mar 2022 05:53:44 GMT
expires: Wed, 09 Mar 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 71546
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E42F 205 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea3fdb9325ec541d94791930468f6c27a7f58ced26cb65e6e2da8648baffb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 728x90_blue_ENG.jpg
hcode-marketing.s3.amazonaws.com/generic_cr/ Frame 2AF4 80 KB
80 KB 790ms
498ms Image
image/jpeg 52.217.12.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hcode-marketing.s3.amazonaws.com/generic_cr/728x90_blue_ENG.jpg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.12.68 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: bfb2b363b612416c899f6e75ed4bbb046008df170337c9e63a94756700098723

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:11 GMT
Last-Modified: Thu, 24 Jun 2021 22:30:51 GMT
Server: AmazonS3
x-amz-request-id: CP4Y9NKES8ZEYT5H
ETag: "86b5594d696ba0fce31a8f428b841c6d"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 81859
x-amz-id-2: EtoK/9etOBxmwLHEL9X4FySPdfAvC3kQNF5Yu5qR6D8keMz8oR4m0yN7iq6xEc3eneib+pIDmxI=

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 3355 416 B
879 B 71ms
71ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1798354&size_id=57&rp_schain=1.0,1!hcodemedia.com,288,1,,,&rf=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&tg_i.adunit=oglobo.globo.com.dw.970x250.inter.cdmx&tg_i.pbadslot=138871148%2Foglobo.globo.com.dw.970x250.inter&tg_i.dfp_ad_unit_code=138871148%2Foglobo.globo.com.dw.970x250.inter&tk_flint=pbjs_lite_v4.43.3&x_source.tid=8bec8f50-2f79-4bb1-bf56-a591bee88494&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.19832463718469096
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: f9f04ea32bbc3f97cc9d83638dcfc6401a79d4ccd0d892e84be25669d1acd580

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:10 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 416
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 3355 23 B
526 B 16ms
16ms XHR
application/json 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.3
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: a0757f4063d0b9e7961588d12d83c5b88dc6492269cd9af0f8b7287c06d3b5c1

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 09 Mar 2022 01:46:10 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 23

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3355 19 B
871 B 14ms
14ms XHR
application/json 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:10 GMT
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f3bf3a55-99c4-49e8-a2c3-3cbb6e0e3f2a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://blogs.oglobo.globo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 3355 0
65 B 20ms
20ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://blogs.oglobo.globo.com
date: Wed, 09 Mar 2022 01:46:09 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
DATA 200
OK truncated
/ Frame 3355 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f5c21611e4ff8de63540aba5182c0bda10a9a9b917081ab12c71550b2cefa3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3355 0
0 46ms
45ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAmVAgBQziLk_9G0FvNU2OFd6gMC_RGhN0kDAjyzeTTDO0sAORbvs8AQbX5UHHPvxVu0NiKrOxZqWBYMnL0ahNPmJ1DB9YjlMrDWVTpZRmGowfA4AYBaL5X57f35y_BZEA5NB6R1pXBP-q-eAA-_gxfspTO3b_0xiSEQiDaMfD5R00DMu2awyamBzblNtFKU9HrwQWJIdafbE9XVtMzAApEdemOFv1wR7FOH3HWSnNGKUwVVEBPEgx13zfq1oCvnhE8YgP0NvvaaO_3TAY644x4OJfVMsTSEjsX0Cqs1hcsK_leGJHoABNvyohcRRK7_9u7DW6ftBfc9hnJDSHQzZ5OypNAlKVVg&sig=Cg0ArKJSzLsmkhIRGELVEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 09 Mar 2022 01:46:10 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BF4A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIqFQ_JEw6yAWmT9V3S2Mlc&google_cver=1

43 B
1014 B

28ms
15ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIqFQ_JEw6yAWmT9V3S2Mlc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO67DRD40Y2QAxjV-PPCATAB&v=APEucNWT2l3q9Ehg8yMNM9xEE3fCECQwXysyKat63raMXpmpckVK4onTY7bflKJHXv3TZ_PevKYb5hkNXj4JCHfwT8p0wLFfy9xgpb5ZEgepFP0qw0MFt8CZgnBBCXVX6gNPPLh1anhHosDAtGHJWDAQSmPjXUf93j8dObpp1KJqgOSxNM4Xaa4
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:10 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 09 Mar 2022 01:46:10 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIqFQ_JEw6yAWmT9V3S2Mlc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BF4A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YigG4su6hBJpfmHL2jvNiwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIqFQ_JEw6yAWmT9V3S2Mlc&google_cver=1

43 B
894 B

14ms
14ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIqFQ_JEw6yAWmT9V3S2Mlc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO67DRD40Y2QAxjV-PPCATAB&v=APEucNWT2l3q9Ehg8yMNM9xEE3fCECQwXysyKat63raMXpmpckVK4onTY7bflKJHXv3TZ_PevKYb5hkNXj4JCHfwT8p0wLFfy9xgpb5ZEgepFP0qw0MFt8CZgnBBCXVX6gNPPLh1anhHosDAtGHJWDAQSmPjXUf93j8dObpp1KJqgOSxNM4Xaa4
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:10 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 09 Mar 2022 01:46:10 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIqFQ_JEw6yAWmT9V3S2Mlc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame BF4A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAEhvXUEz0KxIWdPlhI2Wyg&google_cver=1

43 B
1016 B

14ms
14ms

Image
image/gif

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAEhvXUEz0KxIWdPlhI2Wyg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO67DRD40Y2QAxjV-PPCATAB&v=APEucNWT2l3q9Ehg8yMNM9xEE3fCECQwXysyKat63raMXpmpckVK4onTY7bflKJHXv3TZ_PevKYb5hkNXj4JCHfwT8p0wLFfy9xgpb5ZEgepFP0qw0MFt8CZgnBBCXVX6gNPPLh1anhHosDAtGHJWDAQSmPjXUf93j8dObpp1KJqgOSxNM4Xaa4

Protocol

HTTP/1.1

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:10 GMT
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 43769be3-0fc1-40eb-a978-95c784eac1e6
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAEhvXUEz0KxIWdPlhI2Wyg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BF4A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAyOTc5ODU1NTM2NDI5MDg1NA%3D%3D

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAyOTc5ODU1NTM2NDI5MDg1NA%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:10 GMT
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d3c17aad-e35c-491f-852f-b7a5f3f91ad6
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzAyOTc5ODU1NTM2NDI5MDg1NA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame F902 106 KB
38 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
Origin: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 12:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46708
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Mar 2022 12:47:42 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220303/r20110914/elements/html/ Frame F902 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220303/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CJYBlKah-lm-zP0fsGhTA-axg6Cr_NHNMC4sZAc6TeTgd4Axy-3beVuYgVZErMMnjMwtmbHZQomaWRL9q-IhIcrLiS6Gk7BQY-Q38amB-Ajc_o82IULPL2fz0Fbs3briR73uaz9beQTwxg7sXQeHo8FajDKQ&dbm_d=AKAmf-BqaRaBFIhDJd6aIeMY8bjgjb6nMHkf1JLNI-UoBlGg2D3PbmCgXeD92mmXLYjQLsmgUx4GNG7DITHqm_dPqjSSy8o2quiRwqk0eun0w1x0GS2vlpv3NDhSHxEM_9dOcMvJIkTLGuZxSmwvTJInU71pfy1ToKTUNF6Fmxxbf4GHGnXgw-snD0e-g94nqYpC1SGyhKbyueU8yq_Itwod-rdu6H5ag6LkvPQzhbbv6p2kQqv4si30tw8p4f4w0e9BxoloAIiUih44V-QSSljoT6C_J4gM1MmwE_QJpwqoBWagqBfiU8GlNdbQSeDJqNMWqmzEBkFEcB5PzwsiU2EACjlFhly-ENZXkYVlrA-yK4GJkwrGANupjnhTGd58Rf0YG17mJByLTs59QYQjCOt280x-WOP3oHq7eDWRGGyCUCmZhXM00TfjjQZT9P1Oun4GzBl9oDLlcG2kGBhKtmP6I-kVuGVrnWBwSPAhNrB4kDv6mJTrWknEjg8JwY_mK-KP01yfShLYdBvF35tfaosAgeJUyJcHrrJNmL-ztxNVhYi145tLhHuIDs7csN7JdLKBberIrajFyyXaTrbqpcAbQBdx0m8-e4vWhyMVoILRvahynv2u_bmyTcFducYZLRBWVxKBD_KbfGdcE1ZA5N8NRoFyG_hH1gu37gdzETSWN6XcSZDixgXE5fQeWKWklN18T_uiBebTBFQS6ok-E7pFV3kbRcmAdQ8xh7pKozOHqzjPlnFj3-7WZtcbu-PjMaRV9F5nIfgFuUTvDBwIyyQRpgDyQ7EWHHDGr_0dhf1v1nSYKSgW4gTnRZCFgYV6NDPO0P5GTraV9tKp_6S3gG1zAKm4Oq3fgPeZllFJSCbSg6tmfSbJGy7vO-qiIku3MTsT1mQOyQplQEaXSzC7zThWMtvbaZWIYBeOgsKKPkqoXj3Dxaj6IfOB3vQ-KaFpaQcISKAJo5AGp8xl0Cp-jkaoNyW03n6HQU8NdBvnQ2gSwdgl39AXEHGz6WJBCW2HWGp9pJsm__f58Xk4f7mP40Jxwm6Ua9g6qtAG-nhxnZgsk3xJjZmbjnLAvdOxq2ja-qUvC7FdwBh-go38ifSNBxS4T-NhH3XHjM1VfSHWakUhWPFtpMA-T0HgbwedGXCqYrDTB7RpDAtIEjX-by7OU5KnWYbUymaB5Hfpg4G46SOxJRavZhjKUqoHwQ21xJcg41HYIbGWdajuMx07C-TWni4QcWPGrOrAPtxuO50zvma1sr38XRZRQDXldXXDRFHWrbyoWMX-DylBKStdnDLQFSC7aMN15d-_WLdENMehS0grzrHX1-dT0idM-qDlCpjTtg9fD9yZ3xAR5FEK9SI7IQ62dv2Do0LdVByUInCC2h4LetlF25QQjYt-Rp_1330eZgzv_mfRlmg9_7cRZ95IqXeTs1ssQwIxyMu1pal2NAJlbXf-j9lHUq00HzpLz3BJSmDyvos8iMs-idEKGTR764KfagJNIxJehmN-KmgbNAATLiAy9beBHP9ASOTc5JgB5PNOvPJuZ2aLzM0GM_ymiM8Gms-ouDt1wCtrM3W-3UebRnKf6qZasGtD1DN0WvgvUiSmOsZnxDdyPItwyYrOo41tDB2qijIRon9FJ94IacECRAzhq3V9aFUo8aRnctqjfywTAW2Hx64AZ58fAiy8PmhY6UtNC0BeHyamkJSGWrszNxd4EkRVNA6DInEZpdlrFCYLKbJ9tCHdIgsvYGKq3N4VJzWq1v5xquQqyxlKcengSAdIXDwtlknCd5KhkdWzwC2MfZT7KHLqEihYMkXC9xXn6WO_aV3HJoEpl0i8GXtrB-BcHPaSQBcH_nDEj26kUxVyCwIAHbI4aOLJRgL9dpPFciJGKIi94lkkYT2lvt6guXObuICkSimly0VKzyYODA1V7sJbYO2ypp7-4jysWtoicDCEa107khl3EJViAr73owRmo8iqxxpIedGFjDAg366bpx_uxTD4gBUXWKVliCXx5zEp14iw2WHMhrAiR5ny3E425CaSf3j1MlW7r869ASgcxX7hHYf0qKlJgDoERg2m9b3swzH94yu-Z4mA4DZ_B32p7dgSoketYgzYUKB3m6UuqD2s_xmw96TNdUyMTJyH-AhXNoZy0P_h1VX5TtWwpDcd807PaNfBWKe2wReUd2sWpTxErbt2euIeqBylxDOftv713DNc53g8FFGV8ClpTdA122bWQ6j2svUHG69-z8ciu8_CDXzsy8lYlKxqUeyAsWhe_9O9y_uuRYSb4a965hj4ivYJtgR4k4YkYsfHi94aX-A0mRmkvgZlLcMv6Q7WKjVTMGncQsg8eTvjr9ILmpiW3MUzud34KNMWm39-yGxpeaxgwqyO4fqoBtJuFK9KuEA8e_X39sUPNiNSXnKn65XeMDdp6UcffP1fRYlSyujyYxNBPO8S99WBzE1uFSEZCGx4exOzYTaEcEwkhisw22z5d_HTM8QxOHoOVPr8jr3hSGB5VmY6rq1L6mFzBR12yx_ukNYJe-lNtbfM_JvtSVmy8QMvPhQ__nuc93yXfz9_c5e8tNtuc3NmJMKkoBYLHcFDoYmBdgXngEWx6IvDoi14OUUKl-bcOMOajVlCrqXIA2XvuoYJCnjvVIBXHxoZ62Bb_PJn7K8StABpVN_724dINHYg0lFMPBhb-QkR3dRmqKGQmOV6Eu6KFoumVw47GFRa4w1-OfvmCe458_L80qwlSTr9LvKWSPoK6szAVOa-7k2lNVTTecLWRXXjFNl0GbAmZMRLcGQ4DAZQOIK4dwUMdO36dekr_acStltd369ZeYUWvzfu3pXdf3mVUFDk91qHVOOhM1Od7x6EkzaifJbCn-viXeF2dR7l6qGhUwtN-fudr_vsr5g2c59hfRIcBmgDdKHtxs8UVwr3FSlJsBWKJZEuGEfE9Gjb_uJ4k-5bzCySUyeTsmnKLBx8MG4-mUcygM-tSZAbiQDp9Uq-MrLs3yWAPTJdOMObwr5wRrIlEMl3oXIJDT1rRBW_Al8JVsIsz3guc-xViOw-wCWVh74d00l3Ue5ywQ4-dJDAgC7Lbtkk5DvB1yRFE5r9iCq7PQqyg0wQT6elMVFaZD7BnB_11F4a0kkEV9Vtb4-tY9BdKuDQ0B6wL4SWjnxzydNUP_QufrGFWPcSlc3f0UnoPY0o0MIJOCyYS5nvabFn3zl9lmZnkMwdD3EO5PrE4xcaOQGcvp5rfJZR26GtHzKql1YQvr9ebNESReLZydIiroyCALJusUhdgYEpYOCU1ZWr-9blZjRLPR9FEeMfXcJRFcCooPH4ENM_LK4zPlWgQB0r2nXEocUanOGsCbCuXKi7NMaoQOqY4IovLkm2MgS9Fme3_hkIsz8cMUpVOQjaFZXoGcpjY5ez22887T7Nzo6evSSRAVZXOP0nplhOr0xFls1FT6SXauw5vWlEwHQFC8hWIydiSiLuPvfLoIgQIfCFhWjHchGF2-JTpxYE7CvctA33N1cn-bk&cid=CAASJORo4cuMPB86eBVxrtSOXtKTsaINoxry6MojFIGB1Dcpmmu_Vw&rfl=1%2Chttps%253A%252F%252Fblogs.oglobo.globo.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 01:40:42 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220303/r20110914/ Frame F902 25 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220303/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5421be34bc9ac3564a6daa35c769d13876e5fa7c4a5ed4892e9e8c65d31c1e27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9662
x-xss-protection: 0
server: cafe
etag: 2172778821077356944
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 01:19:07 GMT

GET
H2 200 tb Show response
15.taboola.com/ 39 KB
12 KB 32ms
28ms XHR
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=editoraglobo-oglobo&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&encoded=1&uid=70186876-61be-4d3b-af0f-495852dd2d21-tuct9218c62&variant=-100|1786072086&callback=TRC.videoTagCallbacks.videoCallback1&cb=1646790370454&tagid=&cntry=DE&platform=1&sesid=0bb8f937d67bdfaae9ca203d31450025&itemid=/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&viewid=1646790370064&geolat=&geoing=&deviceifa=&appid=&sd=v2_0bb8f937d67bdfaae9ca203d31450025_70186876-61be-4d3b-af0f-495852dd2d21-tuct9218c62_1646790370_1646790370_CNawjgYQlv9JGJDG6-L2LyABKAEwODib4wlAjooQSPat2QNQqOwQWABgAGjb_5X0ga2ul6YBcAA&ri=35a00e74c726d9386bda5987f43171b6&appname=&cdb=&gdprApplies=true&rid=&sii=-2228258773318974452&oee=true&tpubid=1212310&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=TH&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1207970&prcnt=&layer=&normp=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 43789e363a63ceb966aaed5c24124ef9a92559657bf2ba530360181a08a811b0

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
content-encoding: gzip
access-control-allow-origin: https://blogs.oglobo.globo.com
machineid: 1451
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-hhn4058-HHN
pragma: no-cache
server: nginx
x-timer: S1646790370.467984,VS0,VE17
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 feed-card-placeholder.20220308-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 7ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20220308-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc6e79bf1b6e44369cb8bf4ef51ccff33fa0cbccc91a7c926af2c9d60a61764a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: JD743vX5kFv8npsEP6QiXfP2J.E5lTtG
content-encoding: gzip
etag: "002d83ece6cd93589f02fcb25223241f"
age: 47
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1262
x-amz-id-2: 6tPkYm8HLEKBp5rwyCNegemVEGBcSP9x+vfuKF+/JZpz3KqNLoZxwOkJs0dHCwl2K/MYClmJVHBZ0VkoqUb3Jw==
x-served-by: cache-hhn4058-HHN
last-modified: Tue, 08 Mar 2022 10:34:15 GMT
server: AmazonS3
x-timer: S1646790370.467893,VS0,VE0
date: Wed, 09 Mar 2022 01:46:10 GMT
vary: Accept-Encoding
x-amz-request-id: 9ZXQ8MNE8XZVA0W2
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 66
x-cache-hits: 11

GET
H2 200 distance-from-article.20220308-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 6ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20220308-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 35db4870ace7a2a22e381fd7928dac27b0ff0aa58f6aa3511e86e4124c7414ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: ifZ0puQf_6XfnsmpNjNUpGn_TiO4MT.q
content-encoding: gzip
etag: "d16fa9e2ab2b5c2209a0b7c92f32b6c3"
age: 69
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1006
x-amz-id-2: OWwTw2WFBEFcsnIw/DFUXr6m2MwcuUwwbVr+wfZAIlO7zcOuc2hpD4SE1MueKQBiQuF9876MO5Q=
x-served-by: cache-hhn4058-HHN
last-modified: Tue, 08 Mar 2022 10:34:22 GMT
server: AmazonS3
x-timer: S1646790370.470760,VS0,VE0
date: Wed, 09 Mar 2022 01:46:10 GMT
vary: Accept-Encoding
x-amz-request-id: KZTCRKYEATT4NHQF
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 66
x-cache-hits: 4

GET
H2 200 article-detection.20220308-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
1 KB 7ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20220308-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02cff87bf655f94854cce6621cccc3b0abfd0cf8f370174166cd3236e053ea83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: JH9dxUnBOJHPLszTft.LQRof6Y5otsi9
content-encoding: gzip
etag: "213959dc6ce4b946b28c82c3c37722d3"
age: 58
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1236
x-amz-id-2: wDzFY4k4VzK6c4cZ9lzY5yFn/u15Q21QKtrU4eGN+VxTIUl3Mhwm+j1gVgj2i5/2q5da6P2UX58=
x-served-by: cache-hhn4058-HHN
last-modified: Tue, 08 Mar 2022 10:34:31 GMT
server: AmazonS3
x-timer: S1646790370.471102,VS0,VE0
date: Wed, 09 Mar 2022 01:46:10 GMT
vary: Accept-Encoding
x-amz-request-id: 6DPGHSQ4YG79DS08
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 66
x-cache-hits: 4

GET
H2 200 8314438e-1240-4037-ade5-bfeaed299a90.css
cdn.taboola.com/static/83/ 451 B
495 B 8ms
7ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/static/83/8314438e-1240-4037-ade5-bfeaed299a90.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: CkT0watBV7AEsiEughRkYLexggZw11Ym
content-encoding: gzip
etag: "1802e318f880ad7e5c7030e9da649cf6"
age: 7135
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 222
x-amz-id-2: hqmZShdkcFAlleVmrQTHL0lWM/rrhS/SE+W/uFCvCiwbKRLyTvid0jYcNFqWos5WWw06X0Kut4s=
x-served-by: cache-hhn4058-HHN
last-modified: Tue, 07 Jul 2020 17:40:49 GMT
server: AmazonS3
x-timer: S1646790370.474638,VS0,VE1
date: Wed, 09 Mar 2022 01:46:10 GMT
vary: Accept-Encoding
x-amz-request-id: SM6CAHYDHVK1WBW2
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: text/css
abp: 66
x-cache-hits: 1

GET
H2 200 cta-component.20220308-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
5 KB 6ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cta-component.20220308-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 627a8cbf37fb72fd326b73ae343b31c138df6bc3ba553ad176b7b0e987cba88c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: Xhz_YIGTGGZgh9cSu6dDuFfl7ly3pFm6
content-encoding: gzip
etag: "7681499e0e0b4e2348f9e0307256f40b"
age: 69
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4969
x-amz-id-2: CwtWC8S5BziXxHc62r4QIuxviOJ19aL0S+LptPtFTyQ5mqyJdat+B8q8GG3GMfWpRjIsIiPFm08=
x-served-by: cache-hhn4058-HHN
last-modified: Tue, 08 Mar 2022 10:34:24 GMT
server: AmazonS3
x-timer: S1646790370.479838,VS0,VE0
date: Wed, 09 Mar 2022 01:46:10 GMT
vary: Accept-Encoding
x-amz-request-id: 0NGKWEM2DQD7G01Q
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 66
x-cache-hits: 8

GET
H2 200 userx.20220308-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
5 KB 7ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20220308-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: feaa25ab48a4c76f2551eba621ccbee0f8853d342217424128e6d466f3dcbeaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: f1MNXaMkM0ZD5DLdqOEdsF0cDzKQYPWi
content-encoding: gzip
etag: "f474812bd16a86f1fd024898ea4ab942"
age: 9
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5397
x-amz-id-2: X7nKAYnEm5niY9AK5n1QTtaPQdjwIvz+geZbyKxeEl8Cgum9AMwtlja9ysZ+3sNPMJg/kIz1W6Q=
x-served-by: cache-hhn4058-HHN
last-modified: Tue, 08 Mar 2022 10:26:02 GMT
server: AmazonS3
x-timer: S1646790370.482310,VS0,VE0
date: Wed, 09 Mar 2022 01:46:10 GMT
vary: Accept-Encoding
x-amz-request-id: DM35GFSZF0820PKE
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 66
x-cache-hits: 3

GET
H2 200 tb Show response
15.taboola.com/ 39 KB
12 KB 37ms
36ms XHR
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=editoraglobo-oglobo&unitType=244&tbloc=&pageType=text&pstn=Below%20Page&uuip=Feed%20-%20Below%20Page&cisrf=&cirf=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&encoded=1&uid=70186876-61be-4d3b-af0f-495852dd2d21-tuct9218c62&variant=-100|1786072086&callback=TRC.videoTagCallbacks.videoCallback2&cb=1646790370479&tagid=&cntry=DE&platform=1&sesid=0bb8f937d67bdfaae9ca203d31450025&itemid=/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&viewid=1646790370064&geolat=&geoing=&deviceifa=&appid=&sd=v2_0bb8f937d67bdfaae9ca203d31450025_70186876-61be-4d3b-af0f-495852dd2d21-tuct9218c62_1646790370_1646790370_CNawjgYQlv9JGJDG6-L2LyABKAEwODib4wlAjooQSPat2QNQqOwQWABgAGjb_5X0ga2ul6YBcAA&ri=845110cd2625226664310804223fd8f5&appname=&cdb=&gdprApplies=true&rid=&sii=-2228258773318974452&oee=true&tpubid=1212310&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=TH&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1207970&prcnt=&layer=&normp=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f60a41e5f8d64f8e9d212af4df50d83531ad761f952be9f55567d0ca53b458

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
content-encoding: gzip
access-control-allow-origin: https://blogs.oglobo.globo.com
machineid: 1416
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-hhn4058-HHN
pragma: no-cache
server: nginx
x-timer: S1646790370.482391,VS0,VE30
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 10ms
10ms Image
image/svg+xml 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
age: 114
via: 1.1 varnish
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: dIuPgF32MPZeTv1riDSyCnX4J6DD4HcAbNOGigu/2qjDG9J3qY6+6oya3VXcwS7qL2S4vfAf0bc=
x-served-by: cache-hhn4058-HHN
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1646790370.490229,VS0,VE0
date: Wed, 09 Mar 2022 01:46:10 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: ZQ8ND9MMDRQ3FH1S
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 66
x-cache-hits: 15

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 18ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A10.464&type=info&msg=%7B%22name%22%3A%22Below%20Article%20Thumbnails%22%2C%22nb%22%3A%221%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22editoraglobo-oglobo-feed-action-bucket-1637826851856%22%2C%22vsm%22%3Atrue%7D&llvl=2&id=7822&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=9&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12706

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 17ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A10.467&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01&llvl=2&id=7914&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=10&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12706

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 16ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A10.469&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01&llvl=2&id=1313&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=11&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12706

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 16ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A10.469&type=info&msg=%7B%22name%22%3A%22Below%20Article%20Thumbnails%22%2C%22nb%22%3A%221%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22editoraglobo-oglobo-feed-action-bucket-1637826851856%22%2C%22vsm%22%3Atrue%7D&llvl=2&id=5755&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=12&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12706

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 16ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A10.472&type=info&msg=Start%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%201&llvl=2&id=7384&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=13&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12792

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 16ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A10.477&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%201&llvl=2&id=4780&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=14&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12792

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 17ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A10.480&type=info&msg=%7B%22name%22%3A%22Below%20Page%22%2C%22nb%22%3A%22%22%2C%22eof%22%3A%22true%22%2C%22fti%22%3A%22editoraglobonetwork-feed-action-bucket-1631208352423%22%2C%22vsm%22%3Atrue%7D&llvl=2&id=4257&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=15&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12792

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 17ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A10.481&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01&llvl=2&id=4991&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=16&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12792

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A10.482&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01&llvl=2&id=2441&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=17&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12831

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A10.482&type=info&msg=%7B%22name%22%3A%22Below%20Page%22%2C%22nb%22%3A%22%22%2C%22eof%22%3A%22true%22%2C%22fti%22%3A%22editoraglobonetwork-feed-action-bucket-1631208352423%22%2C%22vsm%22%3Atrue%7D&llvl=2&id=7483&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=18&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12831

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A10.487&type=info&msg=Start%20Rendering%20Below%20Page%20%7C%20Card%201&llvl=2&id=6290&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=19&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12831

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A10.490&type=info&msg=Finish%20Rendering%20Below%20Page%20%7C%20Card%201&llvl=2&id=4748&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=20&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12831

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame E42F 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 13:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131756
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Mar 2023 13:10:14 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-4g5ednsr.c.2mdn.net/videoplayback/id/494be701599dadf6/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1678326370/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame E42F
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/494be701599dadf6/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1678326370/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r3---sn-4g5ednsr.c.2mdn.net/videoplayback/id/494be701599dadf6/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1678326370/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

90ms
6ms

Fetch
video/mp4

2a00:1450:401e:28::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5ednsr.c.2mdn.net/videoplayback/id/494be701599dadf6/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1678326370/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/15196F5E2A104B5F52EB4E55F65DAB4D15565C82.269530C9E79581EBA9E79BCAF0EDA60B73B9DD95/key/cms1/cms_redirect/yes/mh/k8/mip/2001:ac8:20:3d00:1012:1807:ce74:6496/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1646790032/mv/m/mvi/3/pl/49/file/file.mp4

Requested by

Host: 61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
URL: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

2a00:1450:401e:28::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:10 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3969286
Last-Modified: Fri, 11 Feb 2022 11:46:00 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 09 Mar 2022 01:46:10 GMT

Redirect headers

date: Wed, 09 Mar 2022 01:46:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 666
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r3---sn-4g5ednsr.c.2mdn.net/videoplayback/id/494be701599dadf6/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1678326370/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/15196F5E2A104B5F52EB4E55F65DAB4D15565C82.269530C9E79581EBA9E79BCAF0EDA60B73B9DD95/key/cms1/cms_redirect/yes/mh/k8/mip/2001:ac8:20:3d00:1012:1807:ce74:6496/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1646790032/mv/m/mvi/3/pl/49/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 3355 23 B
496 B 48ms
47ms XHR
text/javascript 65.9.79.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&pid=9KOpLmWi0fkCi&cb=0&ws=970x250&v=7.73.0&t=1000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Foglobo.globo.com.dw.970x250.inter%22%2C%22s%22%3A%5B%22970x250%22%5D%7D%5D&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.79.193 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
via: 1.1 043fc2faaa02eeb59193e3fa300adb6a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-C1
x-amz-rid: CK8DY4QCK9K4KCB5EJKC
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: PZC8FNzlcOk_d8v-lWgYySIUfCUQRIEjxd5pbaI6Ypg_6HvLWCcplQ==

GET
H2 204 social
am-trc-events.taboola.com/editoraglobo-oglobo/log/3/ 0
230 B 16ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/3/social?route=AM:AM:V&lti=deflated&ri=35a00e74c726d9386bda5987f43171b6&sd=v2_0bb8f937d67bdfaae9ca203d31450025_70186876-61be-4d3b-af0f-495852dd2d21-tuct9218c62_1646790370_1646790370_CNawjgYQlv9JGJDG6-L2LyABKAEwODib4wlAjooQSPat2QNQqOwQWABgAGjb_5X0ga2ul6YBcAA&ui=70186876-61be-4d3b-af0f-495852dd2d21-tuct9218c62&pi=/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&wi=-2228258773318974452&pt=text&vi=1646790370064&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%22Rennan%20Setti%22%5D%2C%22img%22%3A%22https%3A%2F%2Fs2.glbimg.com%2FUq2VusXm9Va_nqH9V56lRkg6s48%3D%2F640x424%2Ftop%2Fi.glbimg.com%2Fog%2Fig%2Finfoglobo1%2Ff%2Foriginal%2F2022%2F03%2F03%2Fmoscow-g3d80f41d9_1920.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=01%3A46%3A10.524&id=246&llvl=2&cv=20220308-6-RELEASE&
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 631B 35 B
464 B 32ms
12ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGRZPzt63Cqq3Rjg6WMxm44&google_cver=1&google_push=AYg5qPJ_9yzcpaOLTkh3uMSmyjoGoROjbGdS6f1bcnPa8uQy3R9YT2aINf94ffNBHInFMhjs-6f4SKT_PESd686hGIyX4CTPEuNk

Requested by

Host: 61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
URL: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 631B
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKUjymdMhgT7x0x2pwxIk2E&google_cver=1&google_push=AYg5qPJv4RHKhUFIcL2J6g-sJq2dGxcP1tZmjV0FjpBHVDKdzH_OaePcxKHWLR9yGIWcrm9bOiuZ-omTf9Hwx-tO_OS7...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKUjymdMhgT7x0x2pwxIk2E&google_cver=1&google_push=AYg5qPJv4RHKhUFIcL2J6g-sJq2dGxcP1tZmjV0FjpBHVDKdzH_OaePcxKHWLR9yGIWcrm9bOiuZ-omTf9Hwx-...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJv4RHKhUFIcL2J6g-sJq2dGxcP1tZmjV0FjpBHVDKdzH_OaePcxKHWLR9yGIWcrm9bOiuZ-omTf9Hwx-tO_OS7NbhcDTmO&google_hm=faOa-P3DQiGd0Tm_L9ZSRw==

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJv4RHKhUFIcL2J6g-sJq2dGxcP1tZmjV0FjpBHVDKdzH_OaePcxKHWLR9yGIWcrm9bOiuZ-omTf9Hwx-tO_OS7NbhcDTmO&google_hm=faOa-P3DQiGd0Tm_L9ZSRw==

Requested by

Host: 61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
URL: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJv4RHKhUFIcL2J6g-sJq2dGxcP1tZmjV0FjpBHVDKdzH_OaePcxKHWLR9yGIWcrm9bOiuZ-omTf9Hwx-tO_OS7NbhcDTmO&google_hm=faOa-P3DQiGd0Tm_L9ZSRw==
Date: Wed, 09 Mar 2022 01:46:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET gg_pixel
sync.adaptv.advertising.com/ Frame 631B 0
0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 631B 43 B
351 B 35ms
16ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEKpqKbI4mDkzvU-VrgF1abY&google_cver=1&google_push=AYg5qPLEHvDYrRakwuKnl42oB16NHz___89CB32ruxbB5Wg5tewi4YAseu0XfoV-fCTyIF6CuNg0k-B4Dji3HqsrESIcI6Xt_fjV
Requested by: Host: 61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
URL: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 1675ktu07gj665for5sp1p5mh9bhj2f6

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 631B
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4_l618bGTiS9znNAZbMYuw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

21ms
20ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4_l618bGTiS9znNAZbMYuw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIA4T8lLefQo2fVs3ECbOg7tCsKuaV2GrmrKxsASE_gfFrLYb6cG9dDvxYduq3c9o4Rc4ITxhFk9iozAB-vjeE5p1YYukYO

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4_l618bGTiS9znNAZbMYuw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIA4T8lLefQo2fVs3ECbOg7tCsKuaV2GrmrKxsASE_gfFrLYb6cG9dDvxYduq3c9o4Rc4ITxhFk9iozAB-vjeE5p1YYukYO
date: Wed, 09 Mar 2022 01:46:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 631B
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKO4l4xridSXGWTtPgF6oXg&google_cver=1&google_push=AYg5qPLZLmWmg_iBbf7mq3wVH4SDqNLi1p5zk-Dc1af1tapLsl5py1D2dxp3fbO84g0y_1lrIyM...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBJV0dTRzAtMTktNDZYUQ==&google_push=AYg5qPLZLmWmg_iBbf7mq3wVH4SDqNLi1p5zk-Dc1af1tapLsl5py1D2dxp3fbO84g0y_1lrIyMgjsqy_syB9Cy3yG7fnXVpjKzY

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBJV0dTRzAtMTktNDZYUQ==&google_push=AYg5qPLZLmWmg_iBbf7mq3wVH4SDqNLi1p5zk-Dc1af1tapLsl5py1D2dxp3fbO84g0y_1lrIyMgjsqy_syB9Cy3yG7fnXVpjKzY

Requested by

Host: 61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
URL: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBJV0dTRzAtMTktNDZYUQ==&google_push=AYg5qPLZLmWmg_iBbf7mq3wVH4SDqNLi1p5zk-Dc1af1tapLsl5py1D2dxp3fbO84g0y_1lrIyMgjsqy_syB9Cy3yG7fnXVpjKzY
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 631B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHwlEiGMGH9NMriOYhq99q8&google_cver=1&google_push=AYg5qPIk_glP7kPTNh1meU90O-cHwGQA1rFeYTG2rTkEp5U74fq0snHwnM-920HfAzU2m3r1vC...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1XM2dkMWlWRTJ1RVFTdUdBVnhWZkp6WlpaaUVwb3RldH5B&google_push=AYg5qPIk_glP7kPTNh1meU90O-cHwGQA1rFeYTG2rTkEp5U74fq0snHwn...

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1XM2dkMWlWRTJ1RVFTdUdBVnhWZkp6WlpaaUVwb3RldH5B&google_push=AYg5qPIk_glP7kPTNh1meU90O-cHwGQA1rFeYTG2rTkEp5U74fq0snHwnM-920HfAzU2m3r1vCQ-EkKq_ZWYZbXn7aqMYczDVtRt8A

Requested by

Host: 61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
URL: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1XM2dkMWlWRTJ1RVFTdUdBVnhWZkp6WlpaaUVwb3RldH5B&google_push=AYg5qPIk_glP7kPTNh1meU90O-cHwGQA1rFeYTG2rTkEp5U74fq0snHwnM-920HfAzU2m3r1vCQ-EkKq_ZWYZbXn7aqMYczDVtRt8A
date: Wed, 09 Mar 2022 01:46:10 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 631B 0
12 B 16ms
15ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JJEw04Bci3RIx7bGfxfIo4xlFMzuoz2kd8v1ZNOtKOn69tmhspRE3ufq-KPl52-M349QCnIA

Requested by

Host: 61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
URL: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A10.539&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%201&llvl=2&id=3151&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=21&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12854

POST
H2 204 bulk-metrics Show response
am-trc-events.taboola.com/editoraglobo-oglobo/log/3/ 0
251 B 14ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/3/bulk-metrics?route=AM%3AAM%3AV&lti=deflated&bulkSize=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://blogs.oglobo.globo.com
pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.6.9/ 100 KB
29 KB 8ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5370c8f238d0ae8b1400cff5df17563faca18ebfc2372d0948e20087984e2d19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
via: 1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront), 1.1 varnish
age: 564922
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 29420
x-served-by: cache-hhn4058-HHN
last-modified: Wed, 02 Mar 2022 12:50:08 GMT
server: AmazonS3
x-timer: S1646790371.547730,VS0,VE0
etag: "fc14dc1b8b9b350592c06408d9365f23"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: RdCKEbq5DBy3hPY6ihqU1cl35mclg9o0Z8UZl8QoxXuEC4Wpw3j22A==
x-cache-hits: 39849

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A10.544&type=info&msg=Finish%20Rendering%20Below%20Page%20%7C%20Card%201&llvl=2&id=147&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=22&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12854

GET
H2 200 json Show response
trc.taboola.com/editoraglobo-oglobo/trc/3/ 60 KB
17 KB 578ms
578ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/editoraglobo-oglobo/trc/3/json?tim=01%3A46%3A10.548&route=AM:AM:V&lti=deflated&data=%7B%22id%22%3A36%2C%22ii%22%3A%22%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_0bb8f937d67bdfaae9ca203d31450025_70186876-61be-4d3b-af0f-495852dd2d21-tuct9218c62_1646790370_1646790370_CNawjgYQlv9JGJDG6-L2LyABKAEwODib4wlAjooQSPat2QNQqOwQWABgAGjb_5X0ga2ul6YBcAA%22%2C%22ui%22%3A%2270186876-61be-4d3b-af0f-495852dd2d21-tuct9218c62%22%2C%22uifp%22%3A%2270186876-61be-4d3b-af0f-495852dd2d21-tuct9218c62%22%2C%22lbt%22%3A1646738240796%2C%22vi%22%3A1646790370064%2C%22cv%22%3A%2220220308-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4542%2C%22qs%22%3A%22%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde%22%2C%22nsid%22%3A%22editoraglobonetwork%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A2604.953125%2C%22mw%22%3A710%2C%22fi%22%3A3%2C%22fb%22%3A1%2C%22fti%22%3A%22editoraglobo-oglobo-feed-action-bucket-1637826851856%22%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Apub%3Deditoraglobonetwork%3Aabp%3D0%2C%2CBelow%20Page%3Dthumbnails-h%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b61b850eedca8eff344266583909452ed082febc151d915281ffe7ecbfaec11

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 567
date: Wed, 09 Mar 2022 01:46:11 GMT
content-encoding: gzip
server: nginx
x-timer: S1646790371.551068,VS0,VE567
x-served-by: cache-hhn4058-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 16ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A10.548&type=info&msg=Below%20Article%20Thumbnails%20thumbnails-a&llvl=2&id=4474&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=23&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12886

POST
H2 204 bulk-metrics Show response
am-trc-events.taboola.com/editoraglobo-oglobo/log/3/ 0
251 B 14ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/3/bulk-metrics?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://blogs.oglobo.globo.com
pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F902 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
URL: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 16:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121086
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Mar 2023 16:08:04 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 813A 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
URL: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Tue, 08 Mar 2022 05:53:44 GMT
expires: Wed, 09 Mar 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 71546
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 index.html Show response
s0.2mdn.net/11608171/1645465385764/ Frame F3DB 107 KB
20 KB 22ms
7ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/11608171/1645465385764/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

724f5992400d08d1f15d02006e313d0cef9708355ce3ad8517d5eb6cb92fbad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 20593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Mar 2022 08:55:26 GMT
expires: Wed, 09 Mar 2022 08:55:26 GMT
cache-control: public, max-age=86400
age: 60644
last-modified: Mon, 21 Feb 2022 17:43:05 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F902 0
571 B 78ms
52ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssM2wcw-ZK-O5SZ0p5XOt6eh-wA4BkOEeb8GxiNmUiM2uSGJgLR9BKzYMrFV1UzTb8AQeIJYoSBOEGhG0GGd7NACyhgwMy19p-dqyix2EJr1eTrXO8KJUFwDDAjAxhIHPw5HAWJi6S30zR0DeJdqLNN12c6ZA8CVtiKVdBjER4_aoOT8HHF8ADXrqLDlJ7AsfaM5MTILxXkoT9W6hKsC7sb2PrRFvBHokrVKH3pxBTkdkOZYl6YQuvqFWQHYd9TNkp8988Be4-GKem3JQuXBtQWh3qPWWVntwf-XwCRvvVzO6GqKd8jHb4HzhfbISxj5Xo196hUuiS850cobmNRIYk0NDp0OdgQ8qr2gcyy_d7Abpxz9uzH_b6urdgl6aky1JIFe7Be07vIbNkUF-mfAHHZBISpfHE77sZ6SOUL5-OOR7dRf6XRx1UKPgqzNoU5DIWvpBKuQDk6VCIMcyOiSloRr3LCtp51N9sjCRcorQQWnZCt-gl4wS-2KveZa0Tzcjd3Fa9eWwk38MSnT3ZlC9spnrUyePQuLKl-hFzM0t9jnfaneZaWkaX2QpoyVuYXKgHjjALVDIQTUQO0_xTahPtmPU6kD7gm5eBgehDBRiY1R1za2ZxJyV4m6NkAjaOhUatAstpiE2rDb1jfziXw911W6juDDuZ4RhKYOe0btBvXLYAIdMH0NNo80l5hHA2zBEMXRX9RhtdTiNmsfElfqLZOMe7B3lqc49LZt3djAeXTVlPU3gEvCobArGEroJRSBfbeV8L28YDoJz7ffP1l6h6Z3IKAZ9yz45BQ0TDS_7rAtFYbejYr0H0H-8etuCA_uIEZMjECguF-CAv63k_lh964zPBv-aBE74GzbEJe-idFbmbTA4bSuju5yayzjKdLU21Pql7fWHxhUQnDzEAJXfg_fJzL-sHrv-MABoIcRC-cJPpY7OFebftx7J3MbUwf3tvJuZP3YyF0ZLx41tfa-CCTELJ0sGo_yO8y5HhyY_bupbTzbfm5j-v6Tzktg1I4RcackdjsIJkVQEoxsXngbdgdyx2DT162j_Y4xqoHpnV1fOi6_P7G6sEWSwKBJyga3nXigtOCGSmfOw0ycc_qnWtzQdW5U1ojRBxw43DS6VXg2x3L_Idkwe7edhxcNOC_CCE1LFevgfql0La8cy-QNsuiLUt3MUMRi_qYcq5x4wx5Fb4QyATeJ5RkrF-usSn4apLOkh7QsspM_h88jcN8TZYm-l7gFX6lM62MlBC0Y9i9_8XRoA&sai=AMfl-YRgv-6y_hbgVE2WE7KMlLTqRMZ48qMfMlcORSLlmxy0NThSNRDJ0rOtp3fnzjHemM0fsq5Tv3rqxrYUYkkSMbbvKHTtAuqKOFIAevDy0xrSzHk0-xfcYHijvGk4mvE5uMbpWfHqYxT8vsU-jQImbZeiwCdPnUYzUDMk4_oYetCgZwf0piNRkCZ2Mqxi5hr9YjeJrKP-YmVQjHLrpDK28g&sig=Cg0ArKJSzLCNGgTkpXBXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=171&cbvp=1&cstd=169&cisv=r20220303.51322&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 09 Mar 2022 01:46:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 OQER25S.png
i.imgur.com/ Frame 0E7D 270 KB
270 KB 32ms
9ms Image
image/png 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/OQER25S.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

7740eedfa43b13a0c0ef57c77c72240b994238b5a5da8be3a9a32e3bdab60aa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
x-content-type-options: nosniff
age: 666896
x-cache: HIT, HIT
x-amz-storage-class: STANDARD_IA
content-length: 276441
x-served-by: cache-iad-kcgs7200146-IAD, cache-fra19165-FRA
last-modified: Mon, 16 Sep 2019 22:19:23 GMT
server: cat factory 1.0
x-timer: S1646790371.634231,VS0,VE2
etag: "340aeb974e84b0f941e794593116cd2d"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
DATA 200
OK truncated
/ Frame F902 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 269106ec71c3262b4be8ea5e9ca8c8ab7bebfdb3b9031a7416eacce41cfd658f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 50DC 23 KB
9 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Mar 2022 13:11:07 GMT
expires: Tue, 07 Mar 2023 13:11:07 GMT
cache-control: public, max-age=31536000
age: 131703
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5406 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Mar 2022 16:08:05 GMT
expires: Tue, 07 Mar 2023 16:08:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 121085
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame F3DB 29 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/11608171/1645465385764/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11608171/1645465385764/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 12:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46708
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Mar 2022 12:47:42 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 813A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEARx6E10Y2sGLtw7dYI_Qr0&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEARx6E10Y2sGLtw7dYI_Qr0&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N2tMOTFlaGgxTnJMcDA1&google_gid=CAESEARx6E10Y2sGLtw7dYI_Qr0&google_cver=1&google_push=AYg5qPJLznVnYLibNRzxJAvFyuPCblAIwev2meXfdi_3GKB...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N2tMOTFlaGgxTnJMcDA1&google_gid=CAESEARx6E10Y2sGLtw7dYI_Qr0&google_cver=1&google_push=AYg5qPJLznVnYLibNRzxJAvFyuPCblAIwev2meXfdi_3GKBZ6KMTk0ieeLwI6AfYRi1gywK0euZ1p2ceNjd9xYr-FP9T-iPWf3lF

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:10 GMT
Server: PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-078691873e5d8cf91@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N2tMOTFlaGgxTnJMcDA1&google_gid=CAESEARx6E10Y2sGLtw7dYI_Qr0&google_cver=1&google_push=AYg5qPJLznVnYLibNRzxJAvFyuPCblAIwev2meXfdi_3GKBZ6KMTk0ieeLwI6AfYRi1gywK0euZ1p2ceNjd9xYr-FP9T-iPWf3lF
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 813A
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEE-YK0X3KLcQ8W5hw1X0abI&google_cver=1&google_push=AYg5qPKw3lPy_ukXvNKLpNXawcJS0WvAieZDRMc72pIEpX4GMhfUq3vIsEwrPz8rAFHz8PnA0jOmetS0I2Xd4A1meAcNm1aAI0ZT
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CF538E2F9D604F8AA1727D4C4C106654&google_push=AYg5qPKw3lPy_ukXvNKLpNXawcJS0WvAieZDRMc72pIEpX4GMhfUq3vIsEwrPz8rAFHz8PnA0jOmetS0I2Xd4A1...

170 B
188 B

35ms
34ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CF538E2F9D604F8AA1727D4C4C106654&google_push=AYg5qPKw3lPy_ukXvNKLpNXawcJS0WvAieZDRMc72pIEpX4GMhfUq3vIsEwrPz8rAFHz8PnA0jOmetS0I2Xd4A1meAcNm1aAI0ZT

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 09 Mar 2022 01:46:10 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CF538E2F9D604F8AA1727D4C4C106654&google_push=AYg5qPKw3lPy_ukXvNKLpNXawcJS0WvAieZDRMc72pIEpX4GMhfUq3vIsEwrPz8rAFHz8PnA0jOmetS0I2Xd4A1meAcNm1aAI0ZT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Tue, 08 Mar 2022 01:46:10 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 813A
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENXyByLAq-7C6MeA7pLU3ac&google_cver=1&google_push=AYg5qPITj2b5xKuKWNBLZULNAkukZ3qhYNj9mxL_1KNd0f_bBPkpOnfwqXawy42Hw88gE9Q1nhwvpPRBMcw...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPITj2b5xKuKWNBLZULNAkukZ3qhYNj9mxL_1KNd0f_bBPkpOnfwqXawy42Hw88gE9Q1nhwvpPRBMcw-azIyQmQks38pYP1A&google_hm=7LTFwQgTThKdQqRxj-4OkUM

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPITj2b5xKuKWNBLZULNAkukZ3qhYNj9mxL_1KNd0f_bBPkpOnfwqXawy42Hw88gE9Q1nhwvpPRBMcw-azIyQmQks38pYP1A&google_hm=7LTFwQgTThKdQqRxj-4OkUM

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPITj2b5xKuKWNBLZULNAkukZ3qhYNj9mxL_1KNd0f_bBPkpOnfwqXawy42Hw88gE9Q1nhwvpPRBMcw-azIyQmQks38pYP1A&google_hm=7LTFwQgTThKdQqRxj-4OkUM
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 813A
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPvi9cgNotaJd8GuUbB4jeY&google_cver=1&google_push=AYg5qPI3Z0msIDuAPnPLXNH4A-Y163TcHOwzc-3dz8PfS9dqlunw4mVYNwhe_-u6nXEmohtIHl5NRey-nCrXh64GlIHQ-yq...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI3Z0msIDuAPnPLXNH4A-Y163TcHOwzc-3dz8PfS9dqlunw4mVYNwhe_-u6nXEmohtIHl5NRey-nCrXh64GlIHQ-yqNpK83&google_hm=MzY2NzExMjgyMjUwNDgzMT...

170 B
188 B

22ms
21ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI3Z0msIDuAPnPLXNH4A-Y163TcHOwzc-3dz8PfS9dqlunw4mVYNwhe_-u6nXEmohtIHl5NRey-nCrXh64GlIHQ-yqNpK83&google_hm=MzY2NzExMjgyMjUwNDgzMTQ0NQ%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 09 Mar 2022 01:46:10 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI3Z0msIDuAPnPLXNH4A-Y163TcHOwzc-3dz8PfS9dqlunw4mVYNwhe_-u6nXEmohtIHl5NRey-nCrXh64GlIHQ-yqNpK83&google_hm=MzY2NzExMjgyMjUwNDgzMTQ0NQ%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 813A
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FeVrHxEUQ1-VAMZlRUHgYw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

20ms
20ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FeVrHxEUQ1-VAMZlRUHgYw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKrZg8Ulgt1H6X1k0L7YxuP6cHjMm0Ra3GLQydwk9zSDAaeRTMLJwFPN-DaLIEf60PrxZLZpoSEqtocPY2PbCjlwFjEhQNH

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FeVrHxEUQ1-VAMZlRUHgYw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKrZg8Ulgt1H6X1k0L7YxuP6cHjMm0Ra3GLQydwk9zSDAaeRTMLJwFPN-DaLIEf60PrxZLZpoSEqtocPY2PbCjlwFjEhQNH
date: Wed, 09 Mar 2022 01:46:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 813A
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
https://sync.targeting.unrulymedia.com/csync/RX-ba2d18b8-b0d6-4ef3-8003-92e48b01ce5a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKVNbbXm_AFLl0qxaAib...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKVNbbXm_AFLl0qxaAibNR7sp5PjZHtV4cPRO-y3LyQA6tGBVp_GPoJlVAEw-kCLU5vTPx-vJD29qZuby_YUuD7CrVRoxUj&google_hm=A7otGLiw1k7zgAOS5IsBzlo

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKVNbbXm_AFLl0qxaAibNR7sp5PjZHtV4cPRO-y3LyQA6tGBVp_GPoJlVAEw-kCLU5vTPx-vJD29qZuby_YUuD7CrVRoxUj&google_hm=A7otGLiw1k7zgAOS5IsBzlo

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKVNbbXm_AFLl0qxaAibNR7sp5PjZHtV4cPRO-y3LyQA6tGBVp_GPoJlVAEw-kCLU5vTPx-vJD29qZuby_YUuD7CrVRoxUj&google_hm=A7otGLiw1k7zgAOS5IsBzlo
date: Wed, 09 Mar 2022 01:46:10 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXba2d18b8b0d64ef3800392e48b01ce5a003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 813A
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEFNwEXCV7ynI0TOfLqhr7bU&google_cver=1&google_push=AYg5qPIioC1Kgi3B9dYMc9BUx0ViwN2F_40fH0O5XV-4h1l37olp1DGy...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEFNwEXCV7ynI0TOfLqhr7bU&google_cver=1&google_push=AYg5qPIioC1Kgi3B9dYMc9BUx0ViwN2F_40fH0O5XV-4h1l37olp1DGy...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEFNwEXCV7ynI0TOfLqhr7bU&google_cver=1&google_push=AYg5qPIioC1Kgi3B9dYMc9BUx0ViwN2F_40fH0O5XV-4h1l37olp1D...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBiMjJjNWEyYy05ZjRhLTExZWMtODRjMS0wNjI5NWRkMzRjM2E%3D&google_push=AYg5qPIioC1Kgi3B9dYMc9BUx0ViwN2F_40fH0O5XV-4h1l37olp1DGytTGtGVo_Va...

170 B
188 B

20ms
20ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBiMjJjNWEyYy05ZjRhLTExZWMtODRjMS0wNjI5NWRkMzRjM2E%3D&google_push=AYg5qPIioC1Kgi3B9dYMc9BUx0ViwN2F_40fH0O5XV-4h1l37olp1DGytTGtGVo_ValCJkvYHXSpwYrDzqnmV8shJvs0Zt7fbImZ1Q

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBiMjJjNWEyYy05ZjRhLTExZWMtODRjMS0wNjI5NWRkMzRjM2E%3D&google_push=AYg5qPIioC1Kgi3B9dYMc9BUx0ViwN2F_40fH0O5XV-4h1l37olp1DGytTGtGVo_ValCJkvYHXSpwYrDzqnmV8shJvs0Zt7fbImZ1Q
date: Wed, 09 Mar 2022 01:46:10 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 813A 0
12 B 15ms
15ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IGreqRGiHhT_R7zjGH8Cd5j_jTmTs4Y-97lMgiy1ig8fmgrXkKlIcq9MZfDadK88AEY-LrZg

Requested by

Host: 61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
URL: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 206 file.mp4
r3---sn-4g5ednsr.c.2mdn.net/videoplayback/id/494be701599dadf6/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1678326370/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame E42F 1 MB
0 16ms
8ms Media
video/mp4 2a00:1450:401e:28::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: 61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
URL: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:401e:28::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-3969285/3969286
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3969286
expires: Wed, 09 Mar 2022 01:46:10 GMT
last-modified: Fri, 11 Feb 2022 11:46:00 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com
client-protocol: quic

GET
H3 200 xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js Show response
pagead2.googlesyndication.com/bg/ Frame 50DC 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 19:47:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 280708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 19:47:42 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F902 0
23 B 58ms
43ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssM2wcw-ZK-O5SZ0p5XOt6eh-wA4BkOEeb8GxiNmUiM2uSGJgLR9BKzYMrFV1UzTb8AQeIJYoSBOEGhG0GGd7NACyhgwMy19p-dqyix2EJr1eTrXO8KJUFwDDAjAxhIHPw5HAWJi6S30zR0DeJdqLNN12c6ZA8CVtiKVdBjER4_aoOT8HHF8ADXrqLDlJ7AsfaM5MTILxXkoT9W6hKsC7sb2PrRFvBHokrVKH3pxBTkdkOZYl6YQuvqFWQHYd9TNkp8988Be4-GKem3JQuXBtQWh3qPWWVntwf-XwCRvvVzO6GqKd8jHb4HzhfbISxj5Xo196hUuiS850cobmNRIYk0NDp0OdgQ8qr2gcyy_d7Abpxz9uzH_b6urdgl6aky1JIFe7Be07vIbNkUF-mfAHHZBISpfHE77sZ6SOUL5-OOR7dRf6XRx1UKPgqzNoU5DIWvpBKuQDk6VCIMcyOiSloRr3LCtp51N9sjCRcorQQWnZCt-gl4wS-2KveZa0Tzcjd3Fa9eWwk38MSnT3ZlC9spnrUyePQuLKl-hFzM0t9jnfaneZaWkaX2QpoyVuYXKgHjjALVDIQTUQO0_xTahPtmPU6kD7gm5eBgehDBRiY1R1za2ZxJyV4m6NkAjaOhUatAstpiE2rDb1jfziXw911W6juDDuZ4RhKYOe0btBvXLYAIdMH0NNo80l5hHA2zBEMXRX9RhtdTiNmsfElfqLZOMe7B3lqc49LZt3djAeXTVlPU3gEvCobArGEroJRSBfbeV8L28YDoJz7ffP1l6h6Z3IKAZ9yz45BQ0TDS_7rAtFYbejYr0H0H-8etuCA_uIEZMjECguF-CAv63k_lh964zPBv-aBE74GzbEJe-idFbmbTA4bSuju5yayzjKdLU21Pql7fWHxhUQnDzEAJXfg_fJzL-sHrv-MABoIcRC-cJPpY7OFebftx7J3MbUwf3tvJuZP3YyF0ZLx41tfa-CCTELJ0sGo_yO8y5HhyY_bupbTzbfm5j-v6Tzktg1I4RcackdjsIJkVQEoxsXngbdgdyx2DT162j_Y4xqoHpnV1fOi6_P7G6sEWSwKBJyga3nXigtOCGSmfOw0ycc_qnWtzQdW5U1ojRBxw43DS6VXg2x3L_Idkwe7edhxcNOC_CCE1LFevgfql0La8cy-QNsuiLUt3MUMRi_qYcq5x4wx5Fb4QyATeJ5RkrF-usSn4apLOkh7QsspM_h88jcN8TZYm-l7gFX6lM62MlBC0Y9i9_8XRoA&sai=AMfl-YRgv-6y_hbgVE2WE7KMlLTqRMZ48qMfMlcORSLlmxy0NThSNRDJ0rOtp3fnzjHemM0fsq5Tv3rqxrYUYkkSMbbvKHTtAuqKOFIAevDy0xrSzHk0-xfcYHijvGk4mvE5uMbpWfHqYxT8vsU-jQImbZeiwCdPnUYzUDMk4_oYetCgZwf0piNRkCZ2Mqxi5hr9YjeJrKP-YmVQjHLrpDK28g&sig=Cg0ArKJSzLCNGgTkpXBXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=310&vt=11&dtpt=139&dett=3&cstd=169&cisv=r20220303.51322&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Mar 2022 01:46:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame 5406 35 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 20:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 106554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Mar 2023 20:10:16 GMT

OPTIONS
H2 204 events
api.deep.bi/v1/streams/EJntYTLE3eKP/ Frame 0
0 60ms
59ms Preflight 2606:4700:10::6816:29b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:29b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://blogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e9022a96ca9cc4e-ZRH

POST
H2 204 events Show response
api.deep.bi/v1/streams/EJntYTLE3eKP/ 0
58 B 61ms
56ms XHR
text/plain 2606:4700:10::6816:29b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Requested by

Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:29b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
Authorization: bearer Da16NqKwj2619hxwdhdGH9u1
Content-Type: application/json

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
cf-ray: 6e9022a9df2001f8-ZRH

GET
H3 200 CTA.png
s0.2mdn.net/11608171/1645465385764/ Frame F3DB 1 KB
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11608171/1645465385764/CTA.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa43c8bc54c1f5fd1bc59ba06a6e1c7f0ea42c18994915203dcd57cfa19f6c71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11608171/1645465385764/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:44:56 GMT
x-content-type-options: nosniff
age: 61274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1115
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:43:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Mar 2022 08:44:56 GMT

GET
H3 200 SL_02.png
s0.2mdn.net/11608171/1645465385764/ Frame F3DB 848 B
872 B 7ms
7ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11608171/1645465385764/SL_02.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c573e34a38871724ab3ffc9567983223b94de6f7b727902fc0cef4d0d276ba72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11608171/1645465385764/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:44:56 GMT
x-content-type-options: nosniff
age: 61274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:43:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Mar 2022 08:44:56 GMT

GET
H3 200 SL_01.png
s0.2mdn.net/11608171/1645465385764/ Frame F3DB 1 KB
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11608171/1645465385764/SL_01.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85bc223f9d9e6acf361bab57abbeb41c2f8a6b4646ce908ff949c4ddbd0e409f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11608171/1645465385764/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:44:56 GMT
x-content-type-options: nosniff
age: 61274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1466
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:43:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Mar 2022 08:44:56 GMT

GET
H3 200 HL_03.png
s0.2mdn.net/11608171/1645465385764/ Frame F3DB 1 KB
1 KB 8ms
8ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11608171/1645465385764/HL_03.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18390e071d470ff372f68622a4f9a5c831efd44924ff5bd513abad2073bff537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11608171/1645465385764/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:44:56 GMT
x-content-type-options: nosniff
age: 61274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1475
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:43:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Mar 2022 08:44:56 GMT

GET
H3 200 HL_02.png
s0.2mdn.net/11608171/1645465385764/ Frame F3DB 1 KB
1 KB 9ms
8ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11608171/1645465385764/HL_02.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a076304df0e71eca679f933f5b834da30cffde6e114928369968b14102406ce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11608171/1645465385764/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:44:56 GMT
x-content-type-options: nosniff
age: 61274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1457
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:43:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Mar 2022 08:44:56 GMT

GET
H3 200 HL_01.png
s0.2mdn.net/11608171/1645465385764/ Frame F3DB 720 B
744 B 10ms
9ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11608171/1645465385764/HL_01.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d32fddd4f5b1691fb6da6aaa9b042136b286347f3c873bb190fb1f1f9576c2d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11608171/1645465385764/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:44:56 GMT
x-content-type-options: nosniff
age: 61274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 720
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:43:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Mar 2022 08:44:56 GMT

GET
H3 200 Logo.png
s0.2mdn.net/11608171/1645465385764/ Frame F3DB 3 KB
3 KB 11ms
10ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11608171/1645465385764/Logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58cb41cdd6d6084ffb64fab09ef1fb24595fee7c487812ce23a1081f7cdabdab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11608171/1645465385764/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:44:56 GMT
x-content-type-options: nosniff
age: 61274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3318
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:43:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Mar 2022 08:44:56 GMT

GET
H3 200 Engel.png
s0.2mdn.net/11608171/1645465385764/ Frame F3DB 9 KB
9 KB 10ms
9ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11608171/1645465385764/Engel.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc4594c2194d5bcbb871d18e64c6c246ae0de07b77817b90682bd829d3a4f7e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11608171/1645465385764/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:44:56 GMT
x-content-type-options: nosniff
age: 61274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9679
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:43:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Mar 2022 08:44:56 GMT

GET
H3 200 Facette.png
s0.2mdn.net/11608171/1645465385764/ Frame F3DB 39 KB
39 KB 11ms
10ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11608171/1645465385764/Facette.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b39562b6f6a4e8fb682ea540fa900ef77b8843381ef5df8c7775e2f044d6e885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11608171/1645465385764/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:44:56 GMT
x-content-type-options: nosniff
age: 61274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40097
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:43:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Mar 2022 08:44:56 GMT

GET
H3 200 BG.jpg
s0.2mdn.net/11608171/1645465385764/ Frame F3DB 60 KB
60 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/11608171/1645465385764/BG.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0be93f6667cc3875bc1a34ec4efbe6afd355fbfbaec10f6c47f4e718e609ab5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/11608171/1645465385764/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 08:55:27 GMT
x-content-type-options: nosniff
age: 60643
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61358
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 17:43:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 09 Mar 2022 08:55:27 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A565 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030301&jk=2416343094266387&bg=!eHulez_NAAb7UztL-1M7ACkAdvg8WhLM7triZq1P_4_lkwEm4fMvz6LTww5Wb4qYn8w9C88zaB35UQIAAAJ5UgAAAAJoAQeZAw8NmX_WELLTVvu0eFjXrVbomD7yWdvleBUVP_t75LjxVQG-OuBaqrLiVaLczn4ejrwEAg0U8XI-3u6ghSSFTQifV2dJ9F0sSzimDVhp4nFJawshFm8HlG9-_EbbnEcvPvsDJ0GdCvGvYVoIj2TYmkGhWoy74T8zILMwCs7GYYOE1qTKqSLLJabyFPw_-IYzmwxP2-4un9O2lXuZEgYXufnhrJ0Zan5lgx0YOk1zYbFYqmOUZH7W6Af37YwGHV2J5fRDlATdHheJ4E_i6HhC2s-54X2IFV9POc7YHVNymFkInGD5uKz8TuSoY3l2DQViY99Gqw9yK19atiEPqPq5SRuJjbIFADt2OIWaxXHReoA4wf901PyHiyLz66EP1TtZjRKFxDokhh7-47CbfBCSpPfYLQ0EayzClQxnM0-vV4uFkqlfuBZzFAZ1u-sKeo-WiIc1dpy3YPRWGfOmW0UV3q-8vVTwd8qJD8z6K_XXt10nlH73Is2f3VKCM6UfW0vQSKtghn2lwf-XJwatsuv23SSUJcUCfP9_EsxDglzwIcrf7R4Cy8TRrOjZDqqNUUMyYZr4sIq5u11Dbq2tTKzO4N0dEVQrBlXa41M4Y2W8O8zH6AyPgQ-fqZre9hJDP0nFBwVoFHkMzMC_MZkojfShFUR_THoLmcdf8Dfoy6BnTXbe8BgUY_YnScnLqmKWp7AfSKdlapUYIHTWqv5_mGfyLddbrXC90dJt9BDbvcgp_8boIqF6gH1mNWrLfDfz0ibK5Dh0KbFP5EhVGPqLdVcyRUyW8DlUivQMfzpvc_Pg3ils-q-1O51nQNVyfL01SAIGQc9HAIhHCbLcl7fkWKzbD5xZ0iR7iPWWCsTjJ0TDbhcPa0sJ701k7OPN7ILeZnVTRjH2Kn2Y5F2vpItfZkFAztO7py5MvIPkmg8SRhCxV8jyfVSdim-7Qcwx8UJ9gzh32gxHJC6LAJXfY2WvaxIgr8w4bfaGdaE3U7aKHf2g6o1W_wyUjKk1PVi6AsnmWXS03v01u7d-o23wTswM9QhJ_S4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E9CE 0
20 B 46ms
45ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030301&jk=1589454116592088&bg=!ubqluv7NAAb7UztL-1M7ACkAdvg8Wu9v7FGjIhdySBoltjSJBwLbhwX-hkbgx8TGWq4l3tVV-ocR0QIAAAJVUgAAAAFoAQeZAvdaF17FBGW9mjGesM-OY5l6nc8YhJOFK-QyQwaKPV9bMks3dsodOlkq-LyiRh6ab6wkgurlmqE-3X2KS42_1lvvzj0wItF0Je9vV9mNOB0HA83JKxhF86Hb39ISHzPy1epSuWjBhhl4IZ9aVv2Mp8kgOEaeUnF4bZt9LfsmSR6bs3pawRmlSaHqgC6KfkeOGBSov1klw_XO4-jLop4IP-71HOdkfQtBsyeFkxhpOEujE45ABA_kVo0HGKTlWf10QsWyNUJxjYY320CTy3iXcqldWQHYi8gj09m6E4lIt1NeytCkNJ0DChDWYGTjWzL2QTa5qGlE9Hr9AEAo-BRGmDXbFobBBcZrFzo6n6vG9psZ0Fn_66K505xsk3ep5wAk-dxb_jamUOy8P1AjUMt-kFeTzzpTSGCGfDw8jCNv28t9MPksCW_xK6nObUQ_XSAzMlF7y-hq_MD9tAM9pDdFxQfjaFLKggeGWMlMPqfy8Dlelzca12VjRT7W5lCCUO-U3y1XQ3PVxr0REsknAXk-HrjCPRE6-Qk-H8g9SFc4PWUwgB9cM6r2hjmc80UpfTAKdGLO_zUCMPqpaVXCwIB8NIMg6IlI2sypfOK3pV4BIR-ReuKRC2laA8b0k06Ar6RzVfp5uuHQy5lYb3AltJyBMSU9_a0iYQndrONzy2jNj_LAwZ15pflsQHokFWMFdIy6KSTpYnwpdfRNwxolm1WJlnbLpGb3PAfjAbwQ_3--drJfHPLrD78KhQmWuLVJiwsZDNSAD8GM9B7D-4HUdVDUv1Cr_1BqJiGbKu-8DJkVdSJ0FyRo8cY8eQCzKnkG8KEE0pKEVr6Kzy9GGY5dVgVckwxHPIHl_VAE3qRoVOy5qCIq24R1-HWF-2GnwdTk_3qogag7ptRcdbJgxg26o0tPdKyAvTOBl-C_2YDAhUmG0ChN7dCCm_TMbKFrYebexcSoPa6Bnf-d05ioVBk3U68w2v0cRW-mWRq77onD7F-dbobc2uXgDbMpnjM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 9315 1 KB
563 B 31ms
30ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7dCcCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHMKgLJeryYTE3O1Ws81ws1vsFoPJYjQaDofAIQzKcrmaTEjM3W412ww3s8VuNpoMhrvRaAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwKL0XQ6fK57vcTs93nuep_Zb_HbdWa_xW_X-N1-jcPwND3MfsHfc_orXg-76e_WuyWWh-dpdotctpdb8vK4LC7LW-V2K-22l-f0dLvspr_nrTD8PW_J6_N5Otyyp-VheQselqfDrXcrTQ_XW-ayvjV-u-lhF5reZv_q9PZ3_q7Lx-Weu3yfs8t0elluqtPb33aZnK63e-V2OM021ent7zjchofTZ3fPXb7P6WE5uewAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxaGgLtPpZbc4PEZ_AAA8KIAAAAhgkAAU8J6WAHyczZwAAAAAAAAAALD8____xwzQ6y3IAIi85_QAPPgAPBAVrBYxAgAAAMgGuhw6mtQJlUUVAABBuhXAFQBAwB-bFjlqGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHEwLK1EwLMuqJU_sFBABY-wUEAGBTNwCANwG4oCNoxWCwOoXYDWeD3WQwnM0OAAAA4O7___9fDwQmFuPMudmNbLuJyeZwuJwbh2WwGXkWo9VgMFltDzL2iQpF8UK9L0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYGyyGs-FutpYtJi63aOSZuBU2w8wtWq6Gq8nIZBlZFmvR62N6ThbDjW0yxYP5uJz72oWLggF-exFcpBOVyWn6Wx4-s9_id-t9Zr_FbxFLNCeLdCK77AsTi3Hm3OxGtt3EZHM4XM6NwzLYjDyL0WowmKz2vcFiOBvuZmvZYuJyi0aeiVthM8zcouVquJqMTJaRZbEWvT6m52Qx3Ngm-8ZsNNstB5vdYN-YjWa75WCzG-w7dIbv6nM2yrbnlEcl8WhrMWXMfFC4DBbvT2JaTLuzg-r3OzqFhumyqDMaf96j16DwHDyqxd8aFnYOy-psW1Y4DgZFLBGcLtKJ6GU8XcQSydMinWhWC8Ng5RttfJPZyLkZziYmh2s53M1Mm8VuMbFNxBKl6SKd6DUOw9P0MPsFf8_pr3g97Ka_W--WWB6ep9ktctlebsnL47K4LG-V2620216e09Ptspv-nrfC8Pe8Ja_P5-lwy56Wh-UteFieDrferTQ9XG-Zy_rW-O2mh11oepst6j82yGI3l43mitViLtutEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_FnqAoMAAAAAAADshk-IzlGyEjMUN348USan6W95-Mx-i9-t95n9Fr-VASTcRJk3eyaItVotawAAAAFsAACAAG7dvAWoSHI!&cmcv=&pix=undefined&cb=1646790370964&uv=3137&tms=1646790370964&abt=aat1_vA!adh5c-1_vA!eidc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vA!pblc_vE!scec9_vB!spa2_vA!t45!t45!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=BA29952BD9775638371710214488&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 82deb488ed90a4434ca3c944a199af3d557338dbdd3862bf4b2fa7e304f13656

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Mar 2022 01:46:10 GMT
via: 1.1 varnish
x-served-by: cache-hhn4058-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1646790371.972017,VS0,VE10
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 4050 1 KB
1 KB 31ms
31ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7dCcCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHMKgLJeryYTE3O1Ws81ws1vsFoPJYjQaDofAIQzKcrmaTEjM3W412ww3s8VuNpoMhrvRaAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwKL0XQ6fK57vcTs93nuep_Zb_HbdWa_xW_X-N1-jcPwND3MfsHfc_orXg-76e_WuyWWh-dpdotctpdb8vK4LC7LW-V2K-22l-f0dLvspr_nrTD8PW_J6_N5Otyyp-VheQselqfDrXcrTQ_XW-ayvjV-u-lhF5reZv_q9PZ3_q7Lx-Weu3yfs8t0elluqtPb33aZnK63e-V2OM021ent7zjchofTZ3fPXb7P6WE5uewAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxaGgLtPpZbc4PEZ_AAA8KIAAAAhgkAAU8J6WAHyczZwAAAAAAAAAALD8____xwzQ6y3IAIi85_QAPPgAPBAVrBYxAgAAAMgGuhw6mtQJlUUVAABBuhXAFQBAwB-bFjlqGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHEwLK1EwLMuqJU_sFBABY-wUEAGBTNwCANwG4oCNoxWCwOoXYDWeD3WQwnM0OAAAA4O7___9fDwQmFuPMudmNbLuJyeZwuJwbh2WwGXkWo9VgMFltDzL2iQpF8UK9L0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYGyyGs-FutpYtJi63aOSZuBU2w8wtWq6Gq8nIZBlZFmvR62N6ThbDjW0yxYP5uJz72oWLggF-exFcpBOVyWn6Wx4-s9_id-t9Zr_FbxFLNCeLdCK77AsTi3Hm3OxGtt3EZHM4XM6NwzLYjDyL0WowmKz2vcFiOBvuZmvZYuJyi0aeiVthM8zcouVquJqMTJaRZbEWvT6m52Qx3Ngm-8ZsNNstB5vdYN-YjWa75WCzG-w7dIbv6nM2yrbnlEcl8WhrMWXMfFC4DBbvT2JaTLuzg-r3OzqFhumyqDMaf96j16DwHDyqxd8aFnYOy-psW1Y4DgZFLBGcLtKJ6GU8XcQSydMinWhWC8Ng5RttfJPZyLkZziYmh2s53M1Mm8VuMbFNxBKl6SKd6DUOw9P0MPsFf8_pr3g97Ka_W--WWB6ep9ktctlebsnL47K4LG-V2620216e09Ptspv-nrfC8Pe8Ja_P5-lwy56Wh-UteFieDrferTQ9XG-Zy_rW-O2mh11oepst6j82yGI3l43mitViLtutEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_FnqAoMAAAAAAADshk-IzlGyEjMUN348USan6W95-Mx-i9-t95n9Fr-VASTcRJk3eyaItVotawAAAAFsAACAAG7dvAWoSHI!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 19402e76616ff18ec8182bf839fe4271507b0038588e4d51d20126440f100cdb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

server: nginx
date: Wed, 09 Mar 2022 01:46:10 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 29ms
28ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7dCcCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHMKgLJeryYTE3O1Ws81ws1vsFoPJYjQaDofAIQzKcrmaTEjM3W412ww3s8VuNpoMhrvRaAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwKL0XQ6fK57vcTs93nuep_Zb_HbdWa_xW_X-N1-jcPwND3MfsHfc_orXg-76e_WuyWWh-dpdotctpdb8vK4LC7LW-V2K-22l-f0dLvspr_nrTD8PW_J6_N5Otyyp-VheQselqfDrXcrTQ_XW-ayvjV-u-lhF5reZv_q9PZ3_q7Lx-Weu3yfs8t0elluqtPb33aZnK63e-V2OM021ent7zjchofTZ3fPXb7P6WE5uewAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxaGgLtPpZbc4PEZ_AAA8KIAAAAhgkAAU8J6WAHyczZwAAAAAAAAAALD8____xwzQ6y3IAIi85_QAPPgAPBAVrBYxAgAAAMgGuhw6mtQJlUUVAABBuhXAFQBAwB-bFjlqGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHEwLK1EwLMuqJU_sFBABY-wUEAGBTNwCANwG4oCNoxWCwOoXYDWeD3WQwnM0OAAAA4O7___9fDwQmFuPMudmNbLuJyeZwuJwbh2WwGXkWo9VgMFltDzL2iQpF8UK9L0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYGyyGs-FutpYtJi63aOSZuBU2w8wtWq6Gq8nIZBlZFmvR62N6ThbDjW0yxYP5uJz72oWLggF-exFcpBOVyWn6Wx4-s9_id-t9Zr_FbxFLNCeLdCK77AsTi3Hm3OxGtt3EZHM4XM6NwzLYjDyL0WowmKz2vcFiOBvuZmvZYuJyi0aeiVthM8zcouVquJqMTJaRZbEWvT6m52Qx3Ngm-8ZsNNstB5vdYN-YjWa75WCzG-w7dIbv6nM2yrbnlEcl8WhrMWXMfFC4DBbvT2JaTLuzg-r3OzqFhumyqDMaf96j16DwHDyqxd8aFnYOy-psW1Y4DgZFLBGcLtKJ6GU8XcQSydMinWhWC8Ng5RttfJPZyLkZziYmh2s53M1Mm8VuMbFNxBKl6SKd6DUOw9P0MPsFf8_pr3g97Ka_W--WWB6ep9ktctlebsnL47K4LG-V2620216e09Ptspv-nrfC8Pe8Ja_P5-lwy56Wh-UteFieDrferTQ9XG-Zy_rW-O2mh11oepst6j82yGI3l43mitViLtutEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_FnqAoMAAAAAAADshk-IzlGyEjMUN348USan6W95-Mx-i9-t95n9Fr-VASTcRJk3eyaItVotawAAAAFsAACAAG7dvAWoSHI!&cmcv=&pix=31589837&cb=1646790370964&uv=3137&tms=1646790370964&abt=aat1_vA!adh5c-1_vA!eidc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vA!pblc_vE!scec9_vB!spa2_vA!t45!t45!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1646790362009.3!ts:1646790370964&mntl=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
content-length: 0
server: nginx

GET
H2 200 st Show response
imprammp.taboola.com/ Frame EAD3 1 KB
636 B 22ms
22ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7qYkCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHLKgrWYk0oq42y03k81ouVoMBrPZYDQajIagIQvaakYirYi73XIz2YyWo-Fktdwtl4MpRBjLZTKoBRKW2e87CBo-lxsCi9F0Onyue73E7Pd57nqf2W_x23Vmv8Vv1_jdfo3D8DQ9zH7B33P6K14Pu-nv1rsllofnaXaLXLaXW_LyuCwuy1vldivttpfn9HS77Ka_560w_D1vyevzeTrcsqflYXkLHpanw613K00P11vmsr41frvpYRea3mb_6vT2d_6uy8flnrt8n7PLdHpZbqrT2992mZyut3vldjjNNtXp7e843IaH02d3z12-z-lhObnsAAAAAPAAUPW0APEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYCQGK4BAMWhoC7T6WW3ODxGfwAAPCiAAAAIYJAAFPCelgB8nM2cAAAAAAAAAACw_P___8cM0OstyACIvOf0ADz4ADwQFSAWMQIAAADIBrocOprUCZVFFQAAQboVwBUAQMAfmxa5cBgAAMDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxMCytRMCzLqiVP7BQQAWPsFBABgUzcAgDcBuKAjaMVgsDqF2A1ng91kMJzNDgAAAODu____Xw8EJhbjzLnZjWy7icnmcLicG4dlsBl5FqPVYDBZbQ8y9okKRfFCvW9CWGa_7yBo-FwG8UHDsJwMgvlN2GK0mkw2y-FsuZgMhqPhaLQ_gVwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0R5gaL4Wy4m61li4nLLRp5Jm6FzTBzi5ar4WoyMllGlsVa9PqYnpPFcGObTPFgPi7nvnbhomCA314EF-lEZXKa_paHz-y3-N16n9lv8VvEEs3JIp3ILvvCxGKcOTe7kW03MdkcDpdz47AMNiPPYrQaDCarfW-wGM6Gu9latpi43KKRZ-JW2Awzt2i5Gq4mI5NlZFmsRa-P6TlZDDe2yb4xG812y8FmN9g3ZqPZbjnY7Ab7Dp3hu_qcjbLtOeVRSTzaWkwZMx8ULoPF-5OYFtPu7KD6_Y5OoWG6LOqMxp_36DUoPAePavG3hoWdw7I625YVjoNBEUsEp4t0InoZTxexRPK0SCfC0WqxGGxMltlkNZnMZrPRZjEYDkaTyWZmMs5cE7FEabpIJ3qNw_A0Pcx-wd9z-iteD7vp79a7JZaH52l2i1y2l1vy8rgsLstb5XYr7baX5_R0u-ymv-etMPw9b8nr83k63LKn5WF5Cx6Wp8OtdytND9db5rK-NX676WEXmt5mi_qPDbLYzWWjuWK1mMt2qwQAAAAAAAAAsIQ58yYAAAAAp8HsVsvdarkAEn-WusAgAAAAAAAAu-ETonOUrMQMxY0fT5TJafpbHj6z3-J3631mv8VvZQAJN1HmzZ4JYq1WyxoAAEAAGwAAIIBbN28BKpIc!&cmcv=&pix=undefined&cb=1646790370977&uv=3137&tms=1646790370977&abt=aat1_vA!adh5c-1_vA!eidc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vA!pblc_vE!scec9_vB!spa2_vA!t45!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=2A65FD4E87793234951006604404&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a7e10dbfb0283c0817331b260e5d431bf49b969e3ff862292752c747bdf39e1d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Mar 2022 01:46:10 GMT
via: 1.1 varnish
x-served-by: cache-hhn4058-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1646790371.981163,VS0,VE10
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 6732 1 KB
1 KB 22ms
22ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7qYkCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHLKgrWYk0oq42y03k81ouVoMBrPZYDQajIagIQvaakYirYi73XIz2YyWo-Fktdwtl4MpRBjLZTKoBRKW2e87CBo-lxsCi9F0Onyue73E7Pd57nqf2W_x23Vmv8Vv1_jdfo3D8DQ9zH7B33P6K14Pu-nv1rsllofnaXaLXLaXW_LyuCwuy1vldivttpfn9HS77Ka_560w_D1vyevzeTrcsqflYXkLHpanw613K00P11vmsr41frvpYRea3mb_6vT2d_6uy8flnrt8n7PLdHpZbqrT2992mZyut3vldjjNNtXp7e843IaH02d3z12-z-lhObnsAAAAAPAAUPW0APEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYCQGK4BAMWhoC7T6WW3ODxGfwAAPCiAAAAIYJAAFPCelgB8nM2cAAAAAAAAAACw_P___8cM0OstyACIvOf0ADz4ADwQFSAWMQIAAADIBrocOprUCZVFFQAAQboVwBUAQMAfmxa5cBgAAMDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxMCytRMCzLqiVP7BQQAWPsFBABgUzcAgDcBuKAjaMVgsDqF2A1ng91kMJzNDgAAAODu____Xw8EJhbjzLnZjWy7icnmcLicG4dlsBl5FqPVYDBZbQ8y9okKRfFCvW9CWGa_7yBo-FwG8UHDsJwMgvlN2GK0mkw2y-FsuZgMhqPhaLQ_gVwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0R5gaL4Wy4m61li4nLLRp5Jm6FzTBzi5ar4WoyMllGlsVa9PqYnpPFcGObTPFgPi7nvnbhomCA314EF-lEZXKa_paHz-y3-N16n9lv8VvEEs3JIp3ILvvCxGKcOTe7kW03MdkcDpdz47AMNiPPYrQaDCarfW-wGM6Gu9latpi43KKRZ-JW2Awzt2i5Gq4mI5NlZFmsRa-P6TlZDDe2yb4xG812y8FmN9g3ZqPZbjnY7Ab7Dp3hu_qcjbLtOeVRSTzaWkwZMx8ULoPF-5OYFtPu7KD6_Y5OoWG6LOqMxp_36DUoPAePavG3hoWdw7I625YVjoNBEUsEp4t0InoZTxexRPK0SCfC0WqxGGxMltlkNZnMZrPRZjEYDkaTyWZmMs5cE7FEabpIJ3qNw_A0Pcx-wd9z-iteD7vp79a7JZaH52l2i1y2l1vy8rgsLstb5XYr7baX5_R0u-ymv-etMPw9b8nr83k63LKn5WF5Cx6Wp8OtdytND9db5rK-NX676WEXmt5mi_qPDbLYzWWjuWK1mMt2qwQAAAAAAAAAsIQ58yYAAAAAp8HsVsvdarkAEn-WusAgAAAAAAAAu-ETonOUrMQMxY0fT5TJafpbHj6z3-J3631mv8VvZQAJN1HmzZ4JYq1WyxoAAEAAGwAAIIBbN28BKpIc!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.6.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 86d0b0c5c5ac215d1bccc0057a9e5aeaf96554438e7eacc1c8d53f9f3f827b26

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

server: nginx
date: Wed, 09 Mar 2022 01:46:10 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3406

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 21ms
20ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7qYkCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHLKgrWYk0oq42y03k81ouVoMBrPZYDQajIagIQvaakYirYi73XIz2YyWo-Fktdwtl4MpRBjLZTKoBRKW2e87CBo-lxsCi9F0Onyue73E7Pd57nqf2W_x23Vmv8Vv1_jdfo3D8DQ9zH7B33P6K14Pu-nv1rsllofnaXaLXLaXW_LyuCwuy1vldivttpfn9HS77Ka_560w_D1vyevzeTrcsqflYXkLHpanw613K00P11vmsr41frvpYRea3mb_6vT2d_6uy8flnrt8n7PLdHpZbqrT2992mZyut3vldjjNNtXp7e843IaH02d3z12-z-lhObnsAAAAAPAAUPW0APEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYCQGK4BAMWhoC7T6WW3ODxGfwAAPCiAAAAIYJAAFPCelgB8nM2cAAAAAAAAAACw_P___8cM0OstyACIvOf0ADz4ADwQFSAWMQIAAADIBrocOprUCZVFFQAAQboVwBUAQMAfmxa5cBgAAMDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxMCytRMCzLqiVP7BQQAWPsFBABgUzcAgDcBuKAjaMVgsDqF2A1ng91kMJzNDgAAAODu____Xw8EJhbjzLnZjWy7icnmcLicG4dlsBl5FqPVYDBZbQ8y9okKRfFCvW9CWGa_7yBo-FwG8UHDsJwMgvlN2GK0mkw2y-FsuZgMhqPhaLQ_gVwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0R5gaL4Wy4m61li4nLLRp5Jm6FzTBzi5ar4WoyMllGlsVa9PqYnpPFcGObTPFgPi7nvnbhomCA314EF-lEZXKa_paHz-y3-N16n9lv8VvEEs3JIp3ILvvCxGKcOTe7kW03MdkcDpdz47AMNiPPYrQaDCarfW-wGM6Gu9latpi43KKRZ-JW2Awzt2i5Gq4mI5NlZFmsRa-P6TlZDDe2yb4xG812y8FmN9g3ZqPZbjnY7Ab7Dp3hu_qcjbLtOeVRSTzaWkwZMx8ULoPF-5OYFtPu7KD6_Y5OoWG6LOqMxp_36DUoPAePavG3hoWdw7I625YVjoNBEUsEp4t0InoZTxexRPK0SCfC0WqxGGxMltlkNZnMZrPRZjEYDkaTyWZmMs5cE7FEabpIJ3qNw_A0Pcx-wd9z-iteD7vp79a7JZaH52l2i1y2l1vy8rgsLstb5XYr7baX5_R0u-ymv-etMPw9b8nr83k63LKn5WF5Cx6Wp8OtdytND9db5rK-NX676WEXmt5mi_qPDbLYzWWjuWK1mMt2qwQAAAAAAAAAsIQ58yYAAAAAp8HsVsvdarkAEn-WusAgAAAAAAAAu-ETonOUrMQMxY0fT5TJafpbHj6z3-J3631mv8VvZQAJN1HmzZ4JYq1WyxoAAEAAGwAAIIBbN28BKpIc!&cmcv=&pix=31589837&cb=1646790370977&uv=3137&tms=1646790370977&abt=aat1_vA!adh5c-1_vA!eidc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vA!pblc_vE!scec9_vB!spa2_vA!t45!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1646790362009.3!ts:1646790370977&mntl=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:10 GMT
content-length: 0
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 50DC 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B0u3n4gYoYsbwGfvInsEPsvqY4AQAAAAAOAHgBAI&bg=!bW6lbirNAAb7UztL-1M7ACkAdvg8WjHD9foKmSdwYxIYzi-H3DMA0wXYsWf0vJp4-sFs1W1LGgTbEQIAAADpUgAAAAJoAQeZAznCO4OgPxJBuNWFsvWoFYZ4gWBumZ553H07PuH59wUL3Ki1xFw6BNKXqtNRJVFberX-1Y8sat0qvq71qTfM61JD_SYv9CX4dtfkkDcjli_4bLJpvxrJfXjFmaye0JIgjKmf7WDoCLbo-FutoXB706gCA59pGFGYAYanD77XE5eLpwjEV-SlYAPTb6TeACDX0bzF3GOfgvQ2vNxyM5yd-31fjG8PfH2PBTvKqdNy5zIZSHObu2d-OIqc6QZpFclFADYTV8CxaRoMyeTvnU8Hg_Xoi7pwdtaiFqTAonHVEh7FxR0tc1s4oSZh-DR9GWUwfIrh1zVJ1bnsxl1QaXoBBgSPgUl5EkBGYjt2DPriLSZJFe2pxtsPZm7dJQxEcSC4_HkRoYS2iT60tW8HkGxTU53jopESzkZe-NU0WDgZfdKycErFfN5EapXxHl-jdq6caOH-abqG-NvA1LT3K7D-hkktWKpIU4ZK5iTBd2bbEVhj2LDjTub9eimXXA4Hb23RED95soFHRGd0CTl0Qa0a4O_2KeX4EHFB2OzLrBqDUcSntJLK2bzkkcWThLKVeTpDgOAwl0d1fl3MK40Lh-k1XO1AaqA0a51M_zztuFML3nxj7p_EdZb1vR4PCMxjV6uawnus_T5yie32peJ8vbbmfb_SsOoW9AKkwMW78H4yMP6tANldbMPxGTLWii4xdinLVJX0GF0vxXxp-bYE1Fr-MwAQ2i84l2tHn7iS-nIR8Ma_HFooqx83kUyid-1JjPiL48QRDOrRPGf6OgrPXO1S4t4RdQbIQ6hw6Hg1LGVkNkAkcJ_4kHGfzkuteb14OflHTjmbYMmBz5zU17TO56JMwCwN4xPzx60Q_vkeW7-nN0kaQEbMv2rxP-JhkSR7Zxw46KeMi-QH19EsMFTJNiC9n1E1-w6j2qPrPnNRrhxraay4f3xCGbIxWTLsXmpgXKSDI_Zlp_hGCrVFZQ2ZMf797YK3PgZBQ7bV1nlvIHpSsa2G44PqmSAuhmGWqAVT0B0cmMmcoAs2xoiFoR9WFXuh-7Xwk7vNdrzuu_szql6spFA66crP_8ylGu9OFc9YGVTiAQR9UOFxzXpjWvw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 9315 70 B
265 B 93ms
30ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7dCcCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHMKgLJeryYTE3O1Ws81ws1vsFoPJYjQaDofAIQzKcrmaTEjM3W412ww3s8VuNpoMhrvRaAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwKL0XQ6fK57vcTs93nuep_Zb_HbdWa_xW_X-N1-jcPwND3MfsHfc_orXg-76e_WuyWWh-dpdotctpdb8vK4LC7LW-V2K-22l-f0dLvspr_nrTD8PW_J6_N5Otyyp-VheQselqfDrXcrTQ_XW-ayvjV-u-lhF5reZv_q9PZ3_q7Lx-Weu3yfs8t0elluqtPb33aZnK63e-V2OM021ent7zjchofTZ3fPXb7P6WE5uewAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxaGgLtPpZbc4PEZ_AAA8KIAAAAhgkAAU8J6WAHyczZwAAAAAAAAAALD8____xwzQ6y3IAIi85_QAPPgAPBAVrBYxAgAAAMgGuhw6mtQJlUUVAABBuhXAFQBAwB-bFjlqGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHEwLK1EwLMuqJU_sFBABY-wUEAGBTNwCANwG4oCNoxWCwOoXYDWeD3WQwnM0OAAAA4O7___9fDwQmFuPMudmNbLuJyeZwuJwbh2WwGXkWo9VgMFltDzL2iQpF8UK9L0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYGyyGs-FutpYtJi63aOSZuBU2w8wtWq6Gq8nIZBlZFmvR62N6ThbDjW0yxYP5uJz72oWLggF-exFcpBOVyWn6Wx4-s9_id-t9Zr_FbxFLNCeLdCK77AsTi3Hm3OxGtt3EZHM4XM6NwzLYjDyL0WowmKz2vcFiOBvuZmvZYuJyi0aeiVthM8zcouVquJqMTJaRZbEWvT6m52Qx3Ngm-8ZsNNstB5vdYN-YjWa75WCzG-w7dIbv6nM2yrbnlEcl8WhrMWXMfFC4DBbvT2JaTLuzg-r3OzqFhumyqDMaf96j16DwHDyqxd8aFnYOy-psW1Y4DgZFLBGcLtKJ6GU8XcQSydMinWhWC8Ng5RttfJPZyLkZziYmh2s53M1Mm8VuMbFNxBKl6SKd6DUOw9P0MPsFf8_pr3g97Ka_W--WWB6ep9ktctlebsnL47K4LG-V2620216e09Ptspv-nrfC8Pe8Ja_P5-lwy56Wh-UteFieDrferTQ9XG-Zy_rW-O2mh11oepst6j82yGI3l43mitViLtutEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_FnqAoMAAAAAAADshk-IzlGyEjMUN348USan6W95-Mx-i9-t95n9Fr-VASTcRJk3eyaItVotawAAAAFsAACAAG7dvAWoSHI!&cmcv=&pix=undefined&cb=1646790370964&uv=3137&tms=1646790370964&abt=aat1_vA!adh5c-1_vA!eidc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vA!pblc_vE!scec9_vB!spa2_vA!t45!t45!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=BA29952BD9775638371710214488&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 9315 43 B
182 B 317ms
98ms Image
image/gif 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7dCcCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHMKgLJeryYTE3O1Ws81ws1vsFoPJYjQaDofAIQzKcrmaTEjM3W412ww3s8VuNpoMhrvRaAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwKL0XQ6fK57vcTs93nuep_Zb_HbdWa_xW_X-N1-jcPwND3MfsHfc_orXg-76e_WuyWWh-dpdotctpdb8vK4LC7LW-V2K-22l-f0dLvspr_nrTD8PW_J6_N5Otyyp-VheQselqfDrXcrTQ_XW-ayvjV-u-lhF5reZv_q9PZ3_q7Lx-Weu3yfs8t0elluqtPb33aZnK63e-V2OM021ent7zjchofTZ3fPXb7P6WE5uewAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxaGgLtPpZbc4PEZ_AAA8KIAAAAhgkAAU8J6WAHyczZwAAAAAAAAAALD8____xwzQ6y3IAIi85_QAPPgAPBAVrBYxAgAAAMgGuhw6mtQJlUUVAABBuhXAFQBAwB-bFjlqGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHEwLK1EwLMuqJU_sFBABY-wUEAGBTNwCANwG4oCNoxWCwOoXYDWeD3WQwnM0OAAAA4O7___9fDwQmFuPMudmNbLuJyeZwuJwbh2WwGXkWo9VgMFltDzL2iQpF8UK9L0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYGyyGs-FutpYtJi63aOSZuBU2w8wtWq6Gq8nIZBlZFmvR62N6ThbDjW0yxYP5uJz72oWLggF-exFcpBOVyWn6Wx4-s9_id-t9Zr_FbxFLNCeLdCK77AsTi3Hm3OxGtt3EZHM4XM6NwzLYjDyL0WowmKz2vcFiOBvuZmvZYuJyi0aeiVthM8zcouVquJqMTJaRZbEWvT6m52Qx3Ngm-8ZsNNstB5vdYN-YjWa75WCzG-w7dIbv6nM2yrbnlEcl8WhrMWXMfFC4DBbvT2JaTLuzg-r3OzqFhumyqDMaf96j16DwHDyqxd8aFnYOy-psW1Y4DgZFLBGcLtKJ6GU8XcQSydMinWhWC8Ng5RttfJPZyLkZziYmh2s53M1Mm8VuMbFNxBKl6SKd6DUOw9P0MPsFf8_pr3g97Ka_W--WWB6ep9ktctlebsnL47K4LG-V2620216e09Ptspv-nrfC8Pe8Ja_P5-lwy56Wh-UteFieDrferTQ9XG-Zy_rW-O2mh11oepst6j82yGI3l43mitViLtutEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_FnqAoMAAAAAAADshk-IzlGyEjMUN348USan6W95-Mx-i9-t95n9Fr-VASTcRJk3eyaItVotawAAAAFsAACAAG7dvAWoSHI!&cmcv=&pix=undefined&cb=1646790370964&uv=3137&tms=1646790370964&abt=aat1_vA!adh5c-1_vA!eidc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vA!pblc_vE!scec9_vB!spa2_vA!t45!t45!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=BA29952BD9775638371710214488&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 9315
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b286f232-9f4a-11ec-a9f0-1bbe6fc50506&orig=video&us_privacy=1---gdpr=1&

0
98 B

14ms
14ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b286f232-9f4a-11ec-a9f0-1bbe6fc50506&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7dCcCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHMKgLJeryYTE3O1Ws81ws1vsFoPJYjQaDofAIQzKcrmaTEjM3W412ww3s8VuNpoMhrvRaAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwKL0XQ6fK57vcTs93nuep_Zb_HbdWa_xW_X-N1-jcPwND3MfsHfc_orXg-76e_WuyWWh-dpdotctpdb8vK4LC7LW-V2K-22l-f0dLvspr_nrTD8PW_J6_N5Otyyp-VheQselqfDrXcrTQ_XW-ayvjV-u-lhF5reZv_q9PZ3_q7Lx-Weu3yfs8t0elluqtPb33aZnK63e-V2OM021ent7zjchofTZ3fPXb7P6WE5uewAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxaGgLtPpZbc4PEZ_AAA8KIAAAAhgkAAU8J6WAHyczZwAAAAAAAAAALD8____xwzQ6y3IAIi85_QAPPgAPBAVrBYxAgAAAMgGuhw6mtQJlUUVAABBuhXAFQBAwB-bFjlqGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHEwLK1EwLMuqJU_sFBABY-wUEAGBTNwCANwG4oCNoxWCwOoXYDWeD3WQwnM0OAAAA4O7___9fDwQmFuPMudmNbLuJyeZwuJwbh2WwGXkWo9VgMFltDzL2iQpF8UK9L0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYGyyGs-FutpYtJi63aOSZuBU2w8wtWq6Gq8nIZBlZFmvR62N6ThbDjW0yxYP5uJz72oWLggF-exFcpBOVyWn6Wx4-s9_id-t9Zr_FbxFLNCeLdCK77AsTi3Hm3OxGtt3EZHM4XM6NwzLYjDyL0WowmKz2vcFiOBvuZmvZYuJyi0aeiVthM8zcouVquJqMTJaRZbEWvT6m52Qx3Ngm-8ZsNNstB5vdYN-YjWa75WCzG-w7dIbv6nM2yrbnlEcl8WhrMWXMfFC4DBbvT2JaTLuzg-r3OzqFhumyqDMaf96j16DwHDyqxd8aFnYOy-psW1Y4DgZFLBGcLtKJ6GU8XcQSydMinWhWC8Ng5RttfJPZyLkZziYmh2s53M1Mm8VuMbFNxBKl6SKd6DUOw9P0MPsFf8_pr3g97Ka_W--WWB6ep9ktctlebsnL47K4LG-V2620216e09Ptspv-nrfC8Pe8Ja_P5-lwy56Wh-UteFieDrferTQ9XG-Zy_rW-O2mh11oepst6j82yGI3l43mitViLtutEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_FnqAoMAAAAAAADshk-IzlGyEjMUN348USan6W95-Mx-i9-t95n9Fr-VASTcRJk3eyaItVotawAAAAFsAACAAG7dvAWoSHI!&cmcv=&pix=undefined&cb=1646790370964&uv=3137&tms=1646790370964&abt=aat1_vA!adh5c-1_vA!eidc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vA!pblc_vE!scec9_vB!spa2_vA!t45!t45!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=BA29952BD9775638371710214488&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15542

Redirect headers

Date: Wed, 09 Mar 2022 01:46:11 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b286f232-9f4a-11ec-a9f0-1bbe6fc50506&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 96
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 9315 43 B
220 B 7ms
7ms Image
image/gif 18.194.141.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7dCcCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHMKgLJeryYTE3O1Ws81ws1vsFoPJYjQaDofAIQzKcrmaTEjM3W412ww3s8VuNpoMhrvRaAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwKL0XQ6fK57vcTs93nuep_Zb_HbdWa_xW_X-N1-jcPwND3MfsHfc_orXg-76e_WuyWWh-dpdotctpdb8vK4LC7LW-V2K-22l-f0dLvspr_nrTD8PW_J6_N5Otyyp-VheQselqfDrXcrTQ_XW-ayvjV-u-lhF5reZv_q9PZ3_q7Lx-Weu3yfs8t0elluqtPb33aZnK63e-V2OM021ent7zjchofTZ3fPXb7P6WE5uewAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxaGgLtPpZbc4PEZ_AAA8KIAAAAhgkAAU8J6WAHyczZwAAAAAAAAAALD8____xwzQ6y3IAIi85_QAPPgAPBAVrBYxAgAAAMgGuhw6mtQJlUUVAABBuhXAFQBAwB-bFjlqGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHEwLK1EwLMuqJU_sFBABY-wUEAGBTNwCANwG4oCNoxWCwOoXYDWeD3WQwnM0OAAAA4O7___9fDwQmFuPMudmNbLuJyeZwuJwbh2WwGXkWo9VgMFltDzL2iQpF8UK9L0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYGyyGs-FutpYtJi63aOSZuBU2w8wtWq6Gq8nIZBlZFmvR62N6ThbDjW0yxYP5uJz72oWLggF-exFcpBOVyWn6Wx4-s9_id-t9Zr_FbxFLNCeLdCK77AsTi3Hm3OxGtt3EZHM4XM6NwzLYjDyL0WowmKz2vcFiOBvuZmvZYuJyi0aeiVthM8zcouVquJqMTJaRZbEWvT6m52Qx3Ngm-8ZsNNstB5vdYN-YjWa75WCzG-w7dIbv6nM2yrbnlEcl8WhrMWXMfFC4DBbvT2JaTLuzg-r3OzqFhumyqDMaf96j16DwHDyqxd8aFnYOy-psW1Y4DgZFLBGcLtKJ6GU8XcQSydMinWhWC8Ng5RttfJPZyLkZziYmh2s53M1Mm8VuMbFNxBKl6SKd6DUOw9P0MPsFf8_pr3g97Ka_W--WWB6ep9ktctlebsnL47K4LG-V2620216e09Ptspv-nrfC8Pe8Ja_P5-lwy56Wh-UteFieDrferTQ9XG-Zy_rW-O2mh11oepst6j82yGI3l43mitViLtutEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_FnqAoMAAAAAAADshk-IzlGyEjMUN348USan6W95-Mx-i9-t95n9Fr-VASTcRJk3eyaItVotawAAAAFsAACAAG7dvAWoSHI!&cmcv=&pix=undefined&cb=1646790370964&uv=3137&tms=1646790370964&abt=aat1_vA!adh5c-1_vA!eidc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vA!pblc_vE!scec9_vB!spa2_vA!t45!t45!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=BA29952BD9775638371710214488&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.141.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-141-235.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

/
sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/ Frame 9315
Redirect Chain

https://cms.quantserve.com/pixel/p-FyWrHAMskJyru.gif?idmatch=0&us_privacy=1---&gdpr=1&&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fquantcastrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID%26orig%3...
https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=IIL43iaGr9Q7iPKFIInngnfS_NQ7gv7TIoYOz300

0
98 B

21ms
20ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=IIL43iaGr9Q7iPKFIInngnfS_NQ7gv7TIoYOz300
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7dCcCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHMKgLJeryYTE3O1Ws81ws1vsFoPJYjQaDofAIQzKcrmaTEjM3W412ww3s8VuNpoMhrvRaAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwKL0XQ6fK57vcTs93nuep_Zb_HbdWa_xW_X-N1-jcPwND3MfsHfc_orXg-76e_WuyWWh-dpdotctpdb8vK4LC7LW-V2K-22l-f0dLvspr_nrTD8PW_J6_N5Otyyp-VheQselqfDrXcrTQ_XW-ayvjV-u-lhF5reZv_q9PZ3_q7Lx-Weu3yfs8t0elluqtPb33aZnK63e-V2OM021ent7zjchofTZ3fPXb7P6WE5uewAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxaGgLtPpZbc4PEZ_AAA8KIAAAAhgkAAU8J6WAHyczZwAAAAAAAAAALD8____xwzQ6y3IAIi85_QAPPgAPBAVrBYxAgAAAMgGuhw6mtQJlUUVAABBuhXAFQBAwB-bFjlqGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHEwLK1EwLMuqJU_sFBABY-wUEAGBTNwCANwG4oCNoxWCwOoXYDWeD3WQwnM0OAAAA4O7___9fDwQmFuPMudmNbLuJyeZwuJwbh2WwGXkWo9VgMFltDzL2iQpF8UK9L0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYGyyGs-FutpYtJi63aOSZuBU2w8wtWq6Gq8nIZBlZFmvR62N6ThbDjW0yxYP5uJz72oWLggF-exFcpBOVyWn6Wx4-s9_id-t9Zr_FbxFLNCeLdCK77AsTi3Hm3OxGtt3EZHM4XM6NwzLYjDyL0WowmKz2vcFiOBvuZmvZYuJyi0aeiVthM8zcouVquJqMTJaRZbEWvT6m52Qx3Ngm-8ZsNNstB5vdYN-YjWa75WCzG-w7dIbv6nM2yrbnlEcl8WhrMWXMfFC4DBbvT2JaTLuzg-r3OzqFhumyqDMaf96j16DwHDyqxd8aFnYOy-psW1Y4DgZFLBGcLtKJ6GU8XcQSydMinWhWC8Ng5RttfJPZyLkZziYmh2s53M1Mm8VuMbFNxBKl6SKd6DUOw9P0MPsFf8_pr3g97Ka_W--WWB6ep9ktctlebsnL47K4LG-V2620216e09Ptspv-nrfC8Pe8Ja_P5-lwy56Wh-UteFieDrferTQ9XG-Zy_rW-O2mh11oepst6j82yGI3l43mitViLtutEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_FnqAoMAAAAAAADshk-IzlGyEjMUN348USan6W95-Mx-i9-t95n9Fr-VASTcRJk3eyaItVotawAAAAFsAACAAG7dvAWoSHI!&cmcv=&pix=undefined&cb=1646790370964&uv=3137&tms=1646790370964&abt=aat1_vA!adh5c-1_vA!eidc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vA!pblc_vE!scec9_vB!spa2_vA!t45!t45!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=BA29952BD9775638371710214488&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14942

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:11 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=IIL43iaGr9Q7iPKFIInngnfS_NQ7gv7TIoYOz300
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 188C 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 stream-locale-pt-BR.c1dbd14345e5f105ed6a3aab257eafea.chunk.js Show response
s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/ Frame 188C 43 KB
13 KB 290ms
290ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/stream-locale-pt-BR.c1dbd14345e5f105ed6a3aab257eafea.chunk.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/stream.ec444b2b9e0c4eb0951e37cf1147f9dd.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 2ba053159f3ed7c3417eab551c45fb9ed82a2c81e0078932173bba0f13e0af98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oglobo.comentarios.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
content-encoding: gzip
x-openstack-request-id: txce32a19477be4372bc9bd-0061e45ac5
last-modified: Thu, 28 Jan 2021 18:10:09 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1611856603.000000
x-timestamp: 1611857408.09748
cache-control: public, max-age=5184000
content-type: application/javascript
x-trans-id: txce32a19477be4372bc9bd-0061e45ac5
x-request-id: 9afe5bbf-e3aa-4a52-b184-e396846c6955

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame EAD3 43 B
182 B 163ms
99ms Image
image/gif 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7qYkCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHLKgrWYk0oq42y03k81ouVoMBrPZYDQajIagIQvaakYirYi73XIz2YyWo-Fktdwtl4MpRBjLZTKoBRKW2e87CBo-lxsCi9F0Onyue73E7Pd57nqf2W_x23Vmv8Vv1_jdfo3D8DQ9zH7B33P6K14Pu-nv1rsllofnaXaLXLaXW_LyuCwuy1vldivttpfn9HS77Ka_560w_D1vyevzeTrcsqflYXkLHpanw613K00P11vmsr41frvpYRea3mb_6vT2d_6uy8flnrt8n7PLdHpZbqrT2992mZyut3vldjjNNtXp7e843IaH02d3z12-z-lhObnsAAAAAPAAUPW0APEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYCQGK4BAMWhoC7T6WW3ODxGfwAAPCiAAAAIYJAAFPCelgB8nM2cAAAAAAAAAACw_P___8cM0OstyACIvOf0ADz4ADwQFSAWMQIAAADIBrocOprUCZVFFQAAQboVwBUAQMAfmxa5cBgAAMDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxMCytRMCzLqiVP7BQQAWPsFBABgUzcAgDcBuKAjaMVgsDqF2A1ng91kMJzNDgAAAODu____Xw8EJhbjzLnZjWy7icnmcLicG4dlsBl5FqPVYDBZbQ8y9okKRfFCvW9CWGa_7yBo-FwG8UHDsJwMgvlN2GK0mkw2y-FsuZgMhqPhaLQ_gVwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0R5gaL4Wy4m61li4nLLRp5Jm6FzTBzi5ar4WoyMllGlsVa9PqYnpPFcGObTPFgPi7nvnbhomCA314EF-lEZXKa_paHz-y3-N16n9lv8VvEEs3JIp3ILvvCxGKcOTe7kW03MdkcDpdz47AMNiPPYrQaDCarfW-wGM6Gu9latpi43KKRZ-JW2Awzt2i5Gq4mI5NlZFmsRa-P6TlZDDe2yb4xG812y8FmN9g3ZqPZbjnY7Ab7Dp3hu_qcjbLtOeVRSTzaWkwZMx8ULoPF-5OYFtPu7KD6_Y5OoWG6LOqMxp_36DUoPAePavG3hoWdw7I625YVjoNBEUsEp4t0InoZTxexRPK0SCfC0WqxGGxMltlkNZnMZrPRZjEYDkaTyWZmMs5cE7FEabpIJ3qNw_A0Pcx-wd9z-iteD7vp79a7JZaH52l2i1y2l1vy8rgsLstb5XYr7baX5_R0u-ymv-etMPw9b8nr83k63LKn5WF5Cx6Wp8OtdytND9db5rK-NX676WEXmt5mi_qPDbLYzWWjuWK1mMt2qwQAAAAAAAAAsIQ58yYAAAAAp8HsVsvdarkAEn-WusAgAAAAAAAAu-ETonOUrMQMxY0fT5TJafpbHj6z3-J3631mv8VvZQAJN1HmzZ4JYq1WyxoAAEAAGwAAIIBbN28BKpIc!&cmcv=&pix=undefined&cb=1646790370977&uv=3137&tms=1646790370977&abt=aat1_vA!adh5c-1_vA!eidc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vA!pblc_vE!scec9_vB!spa2_vA!t45!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=2A65FD4E87793234951006604404&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame EAD3 70 B
264 B 29ms
29ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7qYkCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHLKgrWYk0oq42y03k81ouVoMBrPZYDQajIagIQvaakYirYi73XIz2YyWo-Fktdwtl4MpRBjLZTKoBRKW2e87CBo-lxsCi9F0Onyue73E7Pd57nqf2W_x23Vmv8Vv1_jdfo3D8DQ9zH7B33P6K14Pu-nv1rsllofnaXaLXLaXW_LyuCwuy1vldivttpfn9HS77Ka_560w_D1vyevzeTrcsqflYXkLHpanw613K00P11vmsr41frvpYRea3mb_6vT2d_6uy8flnrt8n7PLdHpZbqrT2992mZyut3vldjjNNtXp7e843IaH02d3z12-z-lhObnsAAAAAPAAUPW0APEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYCQGK4BAMWhoC7T6WW3ODxGfwAAPCiAAAAIYJAAFPCelgB8nM2cAAAAAAAAAACw_P___8cM0OstyACIvOf0ADz4ADwQFSAWMQIAAADIBrocOprUCZVFFQAAQboVwBUAQMAfmxa5cBgAAMDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxMCytRMCzLqiVP7BQQAWPsFBABgUzcAgDcBuKAjaMVgsDqF2A1ng91kMJzNDgAAAODu____Xw8EJhbjzLnZjWy7icnmcLicG4dlsBl5FqPVYDBZbQ8y9okKRfFCvW9CWGa_7yBo-FwG8UHDsJwMgvlN2GK0mkw2y-FsuZgMhqPhaLQ_gVwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0R5gaL4Wy4m61li4nLLRp5Jm6FzTBzi5ar4WoyMllGlsVa9PqYnpPFcGObTPFgPi7nvnbhomCA314EF-lEZXKa_paHz-y3-N16n9lv8VvEEs3JIp3ILvvCxGKcOTe7kW03MdkcDpdz47AMNiPPYrQaDCarfW-wGM6Gu9latpi43KKRZ-JW2Awzt2i5Gq4mI5NlZFmsRa-P6TlZDDe2yb4xG812y8FmN9g3ZqPZbjnY7Ab7Dp3hu_qcjbLtOeVRSTzaWkwZMx8ULoPF-5OYFtPu7KD6_Y5OoWG6LOqMxp_36DUoPAePavG3hoWdw7I625YVjoNBEUsEp4t0InoZTxexRPK0SCfC0WqxGGxMltlkNZnMZrPRZjEYDkaTyWZmMs5cE7FEabpIJ3qNw_A0Pcx-wd9z-iteD7vp79a7JZaH52l2i1y2l1vy8rgsLstb5XYr7baX5_R0u-ymv-etMPw9b8nr83k63LKn5WF5Cx6Wp8OtdytND9db5rK-NX676WEXmt5mi_qPDbLYzWWjuWK1mMt2qwQAAAAAAAAAsIQ58yYAAAAAp8HsVsvdarkAEn-WusAgAAAAAAAAu-ETonOUrMQMxY0fT5TJafpbHj6z3-J3631mv8VvZQAJN1HmzZ4JYq1WyxoAAEAAGwAAIIBbN28BKpIc!&cmcv=&pix=undefined&cb=1646790370977&uv=3137&tms=1646790370977&abt=aat1_vA!adh5c-1_vA!eidc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vA!pblc_vE!scec9_vB!spa2_vA!t45!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=2A65FD4E87793234951006604404&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame EAD3
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b286f232-9f4a-11ec-a9f0-1bbe6fc50506&orig=video&us_privacy=1---gdpr=1&

0
98 B

14ms
14ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b286f232-9f4a-11ec-a9f0-1bbe6fc50506&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7qYkCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHLKgrWYk0oq42y03k81ouVoMBrPZYDQajIagIQvaakYirYi73XIz2YyWo-Fktdwtl4MpRBjLZTKoBRKW2e87CBo-lxsCi9F0Onyue73E7Pd57nqf2W_x23Vmv8Vv1_jdfo3D8DQ9zH7B33P6K14Pu-nv1rsllofnaXaLXLaXW_LyuCwuy1vldivttpfn9HS77Ka_560w_D1vyevzeTrcsqflYXkLHpanw613K00P11vmsr41frvpYRea3mb_6vT2d_6uy8flnrt8n7PLdHpZbqrT2992mZyut3vldjjNNtXp7e843IaH02d3z12-z-lhObnsAAAAAPAAUPW0APEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYCQGK4BAMWhoC7T6WW3ODxGfwAAPCiAAAAIYJAAFPCelgB8nM2cAAAAAAAAAACw_P___8cM0OstyACIvOf0ADz4ADwQFSAWMQIAAADIBrocOprUCZVFFQAAQboVwBUAQMAfmxa5cBgAAMDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxMCytRMCzLqiVP7BQQAWPsFBABgUzcAgDcBuKAjaMVgsDqF2A1ng91kMJzNDgAAAODu____Xw8EJhbjzLnZjWy7icnmcLicG4dlsBl5FqPVYDBZbQ8y9okKRfFCvW9CWGa_7yBo-FwG8UHDsJwMgvlN2GK0mkw2y-FsuZgMhqPhaLQ_gVwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0R5gaL4Wy4m61li4nLLRp5Jm6FzTBzi5ar4WoyMllGlsVa9PqYnpPFcGObTPFgPi7nvnbhomCA314EF-lEZXKa_paHz-y3-N16n9lv8VvEEs3JIp3ILvvCxGKcOTe7kW03MdkcDpdz47AMNiPPYrQaDCarfW-wGM6Gu9latpi43KKRZ-JW2Awzt2i5Gq4mI5NlZFmsRa-P6TlZDDe2yb4xG812y8FmN9g3ZqPZbjnY7Ab7Dp3hu_qcjbLtOeVRSTzaWkwZMx8ULoPF-5OYFtPu7KD6_Y5OoWG6LOqMxp_36DUoPAePavG3hoWdw7I625YVjoNBEUsEp4t0InoZTxexRPK0SCfC0WqxGGxMltlkNZnMZrPRZjEYDkaTyWZmMs5cE7FEabpIJ3qNw_A0Pcx-wd9z-iteD7vp79a7JZaH52l2i1y2l1vy8rgsLstb5XYr7baX5_R0u-ymv-etMPw9b8nr83k63LKn5WF5Cx6Wp8OtdytND9db5rK-NX676WEXmt5mi_qPDbLYzWWjuWK1mMt2qwQAAAAAAAAAsIQ58yYAAAAAp8HsVsvdarkAEn-WusAgAAAAAAAAu-ETonOUrMQMxY0fT5TJafpbHj6z3-J3631mv8VvZQAJN1HmzZ4JYq1WyxoAAEAAGwAAIIBbN28BKpIc!&cmcv=&pix=undefined&cb=1646790370977&uv=3137&tms=1646790370977&abt=aat1_vA!adh5c-1_vA!eidc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vA!pblc_vE!scec9_vB!spa2_vA!t45!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=2A65FD4E87793234951006604404&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15542

Redirect headers

Date: Wed, 09 Mar 2022 01:46:11 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b286f232-9f4a-11ec-a9f0-1bbe6fc50506&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 92
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame EAD3 43 B
220 B 8ms
7ms Image
image/gif 18.194.141.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7qYkCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHLKgrWYk0oq42y03k81ouVoMBrPZYDQajIagIQvaakYirYi73XIz2YyWo-Fktdwtl4MpRBjLZTKoBRKW2e87CBo-lxsCi9F0Onyue73E7Pd57nqf2W_x23Vmv8Vv1_jdfo3D8DQ9zH7B33P6K14Pu-nv1rsllofnaXaLXLaXW_LyuCwuy1vldivttpfn9HS77Ka_560w_D1vyevzeTrcsqflYXkLHpanw613K00P11vmsr41frvpYRea3mb_6vT2d_6uy8flnrt8n7PLdHpZbqrT2992mZyut3vldjjNNtXp7e843IaH02d3z12-z-lhObnsAAAAAPAAUPW0APEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYCQGK4BAMWhoC7T6WW3ODxGfwAAPCiAAAAIYJAAFPCelgB8nM2cAAAAAAAAAACw_P___8cM0OstyACIvOf0ADz4ADwQFSAWMQIAAADIBrocOprUCZVFFQAAQboVwBUAQMAfmxa5cBgAAMDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxMCytRMCzLqiVP7BQQAWPsFBABgUzcAgDcBuKAjaMVgsDqF2A1ng91kMJzNDgAAAODu____Xw8EJhbjzLnZjWy7icnmcLicG4dlsBl5FqPVYDBZbQ8y9okKRfFCvW9CWGa_7yBo-FwG8UHDsJwMgvlN2GK0mkw2y-FsuZgMhqPhaLQ_gVwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0R5gaL4Wy4m61li4nLLRp5Jm6FzTBzi5ar4WoyMllGlsVa9PqYnpPFcGObTPFgPi7nvnbhomCA314EF-lEZXKa_paHz-y3-N16n9lv8VvEEs3JIp3ILvvCxGKcOTe7kW03MdkcDpdz47AMNiPPYrQaDCarfW-wGM6Gu9latpi43KKRZ-JW2Awzt2i5Gq4mI5NlZFmsRa-P6TlZDDe2yb4xG812y8FmN9g3ZqPZbjnY7Ab7Dp3hu_qcjbLtOeVRSTzaWkwZMx8ULoPF-5OYFtPu7KD6_Y5OoWG6LOqMxp_36DUoPAePavG3hoWdw7I625YVjoNBEUsEp4t0InoZTxexRPK0SCfC0WqxGGxMltlkNZnMZrPRZjEYDkaTyWZmMs5cE7FEabpIJ3qNw_A0Pcx-wd9z-iteD7vp79a7JZaH52l2i1y2l1vy8rgsLstb5XYr7baX5_R0u-ymv-etMPw9b8nr83k63LKn5WF5Cx6Wp8OtdytND9db5rK-NX676WEXmt5mi_qPDbLYzWWjuWK1mMt2qwQAAAAAAAAAsIQ58yYAAAAAp8HsVsvdarkAEn-WusAgAAAAAAAAu-ETonOUrMQMxY0fT5TJafpbHj6z3-J3631mv8VvZQAJN1HmzZ4JYq1WyxoAAEAAGwAAIIBbN28BKpIc!&cmcv=&pix=undefined&cb=1646790370977&uv=3137&tms=1646790370977&abt=aat1_vA!adh5c-1_vA!eidc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vA!pblc_vE!scec9_vB!spa2_vA!t45!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=2A65FD4E87793234951006604404&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.141.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-141-235.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 4050 43 B
183 B 161ms
98ms Image
image/gif 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7dCcCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHMKgLJeryYTE3O1Ws81ws1vsFoPJYjQaDofAIQzKcrmaTEjM3W412ww3s8VuNpoMhrvRaAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwKL0XQ6fK57vcTs93nuep_Zb_HbdWa_xW_X-N1-jcPwND3MfsHfc_orXg-76e_WuyWWh-dpdotctpdb8vK4LC7LW-V2K-22l-f0dLvspr_nrTD8PW_J6_N5Otyyp-VheQselqfDrXcrTQ_XW-ayvjV-u-lhF5reZv_q9PZ3_q7Lx-Weu3yfs8t0elluqtPb33aZnK63e-V2OM021ent7zjchofTZ3fPXb7P6WE5uewAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxaGgLtPpZbc4PEZ_AAA8KIAAAAhgkAAU8J6WAHyczZwAAAAAAAAAALD8____xwzQ6y3IAIi85_QAPPgAPBAVrBYxAgAAAMgGuhw6mtQJlUUVAABBuhXAFQBAwB-bFjlqGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHEwLK1EwLMuqJU_sFBABY-wUEAGBTNwCANwG4oCNoxWCwOoXYDWeD3WQwnM0OAAAA4O7___9fDwQmFuPMudmNbLuJyeZwuJwbh2WwGXkWo9VgMFltDzL2iQpF8UK9L0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYGyyGs-FutpYtJi63aOSZuBU2w8wtWq6Gq8nIZBlZFmvR62N6ThbDjW0yxYP5uJz72oWLggF-exFcpBOVyWn6Wx4-s9_id-t9Zr_FbxFLNCeLdCK77AsTi3Hm3OxGtt3EZHM4XM6NwzLYjDyL0WowmKz2vcFiOBvuZmvZYuJyi0aeiVthM8zcouVquJqMTJaRZbEWvT6m52Qx3Ngm-8ZsNNstB5vdYN-YjWa75WCzG-w7dIbv6nM2yrbnlEcl8WhrMWXMfFC4DBbvT2JaTLuzg-r3OzqFhumyqDMaf96j16DwHDyqxd8aFnYOy-psW1Y4DgZFLBGcLtKJ6GU8XcQSydMinWhWC8Ng5RttfJPZyLkZziYmh2s53M1Mm8VuMbFNxBKl6SKd6DUOw9P0MPsFf8_pr3g97Ka_W--WWB6ep9ktctlebsnL47K4LG-V2620216e09Ptspv-nrfC8Pe8Ja_P5-lwy56Wh-UteFieDrferTQ9XG-Zy_rW-O2mh11oepst6j82yGI3l43mitViLtutEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_FnqAoMAAAAAAADshk-IzlGyEjMUN348USan6W95-Mx-i9-t95n9Fr-VASTcRJk3eyaItVotawAAAAFsAACAAG7dvAWoSHI!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4050 70 B
264 B 29ms
28ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7dCcCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHMKgLJeryYTE3O1Ws81ws1vsFoPJYjQaDofAIQzKcrmaTEjM3W412ww3s8VuNpoMhrvRaAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwKL0XQ6fK57vcTs93nuep_Zb_HbdWa_xW_X-N1-jcPwND3MfsHfc_orXg-76e_WuyWWh-dpdotctpdb8vK4LC7LW-V2K-22l-f0dLvspr_nrTD8PW_J6_N5Otyyp-VheQselqfDrXcrTQ_XW-ayvjV-u-lhF5reZv_q9PZ3_q7Lx-Weu3yfs8t0elluqtPb33aZnK63e-V2OM021ent7zjchofTZ3fPXb7P6WE5uewAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxaGgLtPpZbc4PEZ_AAA8KIAAAAhgkAAU8J6WAHyczZwAAAAAAAAAALD8____xwzQ6y3IAIi85_QAPPgAPBAVrBYxAgAAAMgGuhw6mtQJlUUVAABBuhXAFQBAwB-bFjlqGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHEwLK1EwLMuqJU_sFBABY-wUEAGBTNwCANwG4oCNoxWCwOoXYDWeD3WQwnM0OAAAA4O7___9fDwQmFuPMudmNbLuJyeZwuJwbh2WwGXkWo9VgMFltDzL2iQpF8UK9L0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYGyyGs-FutpYtJi63aOSZuBU2w8wtWq6Gq8nIZBlZFmvR62N6ThbDjW0yxYP5uJz72oWLggF-exFcpBOVyWn6Wx4-s9_id-t9Zr_FbxFLNCeLdCK77AsTi3Hm3OxGtt3EZHM4XM6NwzLYjDyL0WowmKz2vcFiOBvuZmvZYuJyi0aeiVthM8zcouVquJqMTJaRZbEWvT6m52Qx3Ngm-8ZsNNstB5vdYN-YjWa75WCzG-w7dIbv6nM2yrbnlEcl8WhrMWXMfFC4DBbvT2JaTLuzg-r3OzqFhumyqDMaf96j16DwHDyqxd8aFnYOy-psW1Y4DgZFLBGcLtKJ6GU8XcQSydMinWhWC8Ng5RttfJPZyLkZziYmh2s53M1Mm8VuMbFNxBKl6SKd6DUOw9P0MPsFf8_pr3g97Ka_W--WWB6ep9ktctlebsnL47K4LG-V2620216e09Ptspv-nrfC8Pe8Ja_P5-lwy56Wh-UteFieDrferTQ9XG-Zy_rW-O2mh11oepst6j82yGI3l43mitViLtutEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_FnqAoMAAAAAAADshk-IzlGyEjMUN348USan6W95-Mx-i9-t95n9Fr-VASTcRJk3eyaItVotawAAAAFsAACAAG7dvAWoSHI!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 4050
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b286f232-9f4a-11ec-a9f0-1bbe6fc50506&orig=video&us_privacy=1---gdpr=1&

0
98 B

14ms
14ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b286f232-9f4a-11ec-a9f0-1bbe6fc50506&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7dCcCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHMKgLJeryYTE3O1Ws81ws1vsFoPJYjQaDofAIQzKcrmaTEjM3W412ww3s8VuNpoMhrvRaAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwKL0XQ6fK57vcTs93nuep_Zb_HbdWa_xW_X-N1-jcPwND3MfsHfc_orXg-76e_WuyWWh-dpdotctpdb8vK4LC7LW-V2K-22l-f0dLvspr_nrTD8PW_J6_N5Otyyp-VheQselqfDrXcrTQ_XW-ayvjV-u-lhF5reZv_q9PZ3_q7Lx-Weu3yfs8t0elluqtPb33aZnK63e-V2OM021ent7zjchofTZ3fPXb7P6WE5uewAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxaGgLtPpZbc4PEZ_AAA8KIAAAAhgkAAU8J6WAHyczZwAAAAAAAAAALD8____xwzQ6y3IAIi85_QAPPgAPBAVrBYxAgAAAMgGuhw6mtQJlUUVAABBuhXAFQBAwB-bFjlqGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHEwLK1EwLMuqJU_sFBABY-wUEAGBTNwCANwG4oCNoxWCwOoXYDWeD3WQwnM0OAAAA4O7___9fDwQmFuPMudmNbLuJyeZwuJwbh2WwGXkWo9VgMFltDzL2iQpF8UK9L0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYGyyGs-FutpYtJi63aOSZuBU2w8wtWq6Gq8nIZBlZFmvR62N6ThbDjW0yxYP5uJz72oWLggF-exFcpBOVyWn6Wx4-s9_id-t9Zr_FbxFLNCeLdCK77AsTi3Hm3OxGtt3EZHM4XM6NwzLYjDyL0WowmKz2vcFiOBvuZmvZYuJyi0aeiVthM8zcouVquJqMTJaRZbEWvT6m52Qx3Ngm-8ZsNNstB5vdYN-YjWa75WCzG-w7dIbv6nM2yrbnlEcl8WhrMWXMfFC4DBbvT2JaTLuzg-r3OzqFhumyqDMaf96j16DwHDyqxd8aFnYOy-psW1Y4DgZFLBGcLtKJ6GU8XcQSydMinWhWC8Ng5RttfJPZyLkZziYmh2s53M1Mm8VuMbFNxBKl6SKd6DUOw9P0MPsFf8_pr3g97Ka_W--WWB6ep9ktctlebsnL47K4LG-V2620216e09Ptspv-nrfC8Pe8Ja_P5-lwy56Wh-UteFieDrferTQ9XG-Zy_rW-O2mh11oepst6j82yGI3l43mitViLtutEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_FnqAoMAAAAAAADshk-IzlGyEjMUN348USan6W95-Mx-i9-t95n9Fr-VASTcRJk3eyaItVotawAAAAFsAACAAG7dvAWoSHI!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15826

Redirect headers

Date: Wed, 09 Mar 2022 01:46:11 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b286f232-9f4a-11ec-a9f0-1bbe6fc50506&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 70
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 4050 43 B
220 B 22ms
14ms Image
image/gif 18.194.141.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7dCcCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHMKgLJeryYTE3O1Ws81ws1vsFoPJYjQaDofAIQzKcrmaTEjM3W412ww3s8VuNpoMhrvRaAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwKL0XQ6fK57vcTs93nuep_Zb_HbdWa_xW_X-N1-jcPwND3MfsHfc_orXg-76e_WuyWWh-dpdotctpdb8vK4LC7LW-V2K-22l-f0dLvspr_nrTD8PW_J6_N5Otyyp-VheQselqfDrXcrTQ_XW-ayvjV-u-lhF5reZv_q9PZ3_q7Lx-Weu3yfs8t0elluqtPb33aZnK63e-V2OM021ent7zjchofTZ3fPXb7P6WE5uewAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxaGgLtPpZbc4PEZ_AAA8KIAAAAhgkAAU8J6WAHyczZwAAAAAAAAAALD8____xwzQ6y3IAIi85_QAPPgAPBAVrBYxAgAAAMgGuhw6mtQJlUUVAABBuhXAFQBAwB-bFjlqGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHEwLK1EwLMuqJU_sFBABY-wUEAGBTNwCANwG4oCNoxWCwOoXYDWeD3WQwnM0OAAAA4O7___9fDwQmFuPMudmNbLuJyeZwuJwbh2WwGXkWo9VgMFltDzL2iQpF8UK9L0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYGyyGs-FutpYtJi63aOSZuBU2w8wtWq6Gq8nIZBlZFmvR62N6ThbDjW0yxYP5uJz72oWLggF-exFcpBOVyWn6Wx4-s9_id-t9Zr_FbxFLNCeLdCK77AsTi3Hm3OxGtt3EZHM4XM6NwzLYjDyL0WowmKz2vcFiOBvuZmvZYuJyi0aeiVthM8zcouVquJqMTJaRZbEWvT6m52Qx3Ngm-8ZsNNstB5vdYN-YjWa75WCzG-w7dIbv6nM2yrbnlEcl8WhrMWXMfFC4DBbvT2JaTLuzg-r3OzqFhumyqDMaf96j16DwHDyqxd8aFnYOy-psW1Y4DgZFLBGcLtKJ6GU8XcQSydMinWhWC8Ng5RttfJPZyLkZziYmh2s53M1Mm8VuMbFNxBKl6SKd6DUOw9P0MPsFf8_pr3g97Ka_W--WWB6ep9ktctlebsnL47K4LG-V2620216e09Ptspv-nrfC8Pe8Ja_P5-lwy56Wh-UteFieDrferTQ9XG-Zy_rW-O2mh11oepst6j82yGI3l43mitViLtutEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_FnqAoMAAAAAAADshk-IzlGyEjMUN348USan6W95-Mx-i9-t95n9Fr-VASTcRJk3eyaItVotawAAAAFsAACAAG7dvAWoSHI!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.141.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-141-235.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

/
sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/ Frame 4050
Redirect Chain

https://cms.quantserve.com/pixel/p-FyWrHAMskJyru.gif?idmatch=0&us_privacy=1---&gdpr=1&&redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fquantcastrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%24UID%26orig%3...
https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=IIL43iaGr9Q7iPKFIInngnfS_NQ7gv7TIoYOz300

0
98 B

15ms
13ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=IIL43iaGr9Q7iPKFIInngnfS_NQ7gv7TIoYOz300
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7dCcCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHMKgLJeryYTE3O1Ws81ws1vsFoPJYjQaDofAIQzKcrmaTEjM3W412ww3s8VuNpoMhrvRaAofxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPGwKL0XQ6fK57vcTs93nuep_Zb_HbdWa_xW_X-N1-jcPwND3MfsHfc_orXg-76e_WuyWWh-dpdotctpdb8vK4LC7LW-V2K-22l-f0dLvspr_nrTD8PW_J6_N5Otyyp-VheQselqfDrXcrTQ_XW-ayvjV-u-lhF5reZv_q9PZ3_q7Lx-Weu3yfs8t0elluqtPb33aZnK63e-V2OM021ent7zjchofTZ3fPXb7P6WE5uewAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxaGgLtPpZbc4PEZ_AAA8KIAAAAhgkAAU8J6WAHyczZwAAAAAAAAAALD8____xwzQ6y3IAIi85_QAPPgAPBAVrBYxAgAAAMgGuhw6mtQJlUUVAABBuhXAFQBAwB-bFjlqGAAAwMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHEwLK1EwLMuqJU_sFBABY-wUEAGBTNwCANwG4oCNoxWCwOoXYDWeD3WQwnM0OAAAA4O7___9fDwQmFuPMudmNbLuJyeZwuJwbh2WwGXkWo9VgMFltDzL2iQpF8UK9L0RYZr_voKCcnh6zyyAqut4Wu8Np9hzEBw3DcjII5jdhi9FqMtksh7PlYjIYjoaj0f4EcjnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCVK0aDBZjUaTxWS4Gk1Ws-Vit9sgRatWs9FmMFzNJrPdbjUcDJejEU7YYrSaTDbL4Wy5mAyGo-FoNESYGyyGs-FutpYtJi63aOSZuBU2w8wtWq6Gq8nIZBlZFmvR62N6ThbDjW0yxYP5uJz72oWLggF-exFcpBOVyWn6Wx4-s9_id-t9Zr_FbxFLNCeLdCK77AsTi3Hm3OxGtt3EZHM4XM6NwzLYjDyL0WowmKz2vcFiOBvuZmvZYuJyi0aeiVthM8zcouVquJqMTJaRZbEWvT6m52Qx3Ngm-8ZsNNstB5vdYN-YjWa75WCzG-w7dIbv6nM2yrbnlEcl8WhrMWXMfFC4DBbvT2JaTLuzg-r3OzqFhumyqDMaf96j16DwHDyqxd8aFnYOy-psW1Y4DgZFLBGcLtKJ6GU8XcQSydMinWhWC8Ng5RttfJPZyLkZziYmh2s53M1Mm8VuMbFNxBKl6SKd6DUOw9P0MPsFf8_pr3g97Ka_W--WWB6ep9ktctlebsnL47K4LG-V2620216e09Ptspv-nrfC8Pe8Ja_P5-lwy56Wh-UteFieDrferTQ9XG-Zy_rW-O2mh11oepst6j82yGI3l43mitViLtutEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_FnqAoMAAAAAAADshk-IzlGyEjMUN348USan6W95-Mx-i9-t95n9Fr-VASTcRJk3eyaItVotawAAAAFsAACAAG7dvAWoSHI!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15826

Redirect headers

location: https://sync.taboola.com/sg/quantcastrtb-network/1/rtb-h/?&taboola_hm=IIL43iaGr9Q7iPKFIInngnfS_NQ7gv7TIoYOz300
pragma: no-cache
date: Wed, 09 Mar 2022 01:46:11 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6732 70 B
264 B 28ms
28ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7qYkCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHLKgrWYk0oq42y03k81ouVoMBrPZYDQajIagIQvaakYirYi73XIz2YyWo-Fktdwtl4MpRBjLZTKoBRKW2e87CBo-lxsCi9F0Onyue73E7Pd57nqf2W_x23Vmv8Vv1_jdfo3D8DQ9zH7B33P6K14Pu-nv1rsllofnaXaLXLaXW_LyuCwuy1vldivttpfn9HS77Ka_560w_D1vyevzeTrcsqflYXkLHpanw613K00P11vmsr41frvpYRea3mb_6vT2d_6uy8flnrt8n7PLdHpZbqrT2992mZyut3vldjjNNtXp7e843IaH02d3z12-z-lhObnsAAAAAPAAUPW0APEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYCQGK4BAMWhoC7T6WW3ODxGfwAAPCiAAAAIYJAAFPCelgB8nM2cAAAAAAAAAACw_P___8cM0OstyACIvOf0ADz4ADwQFSAWMQIAAADIBrocOprUCZVFFQAAQboVwBUAQMAfmxa5cBgAAMDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxMCytRMCzLqiVP7BQQAWPsFBABgUzcAgDcBuKAjaMVgsDqF2A1ng91kMJzNDgAAAODu____Xw8EJhbjzLnZjWy7icnmcLicG4dlsBl5FqPVYDBZbQ8y9okKRfFCvW9CWGa_7yBo-FwG8UHDsJwMgvlN2GK0mkw2y-FsuZgMhqPhaLQ_gVwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0R5gaL4Wy4m61li4nLLRp5Jm6FzTBzi5ar4WoyMllGlsVa9PqYnpPFcGObTPFgPi7nvnbhomCA314EF-lEZXKa_paHz-y3-N16n9lv8VvEEs3JIp3ILvvCxGKcOTe7kW03MdkcDpdz47AMNiPPYrQaDCarfW-wGM6Gu9latpi43KKRZ-JW2Awzt2i5Gq4mI5NlZFmsRa-P6TlZDDe2yb4xG812y8FmN9g3ZqPZbjnY7Ab7Dp3hu_qcjbLtOeVRSTzaWkwZMx8ULoPF-5OYFtPu7KD6_Y5OoWG6LOqMxp_36DUoPAePavG3hoWdw7I625YVjoNBEUsEp4t0InoZTxexRPK0SCfC0WqxGGxMltlkNZnMZrPRZjEYDkaTyWZmMs5cE7FEabpIJ3qNw_A0Pcx-wd9z-iteD7vp79a7JZaH52l2i1y2l1vy8rgsLstb5XYr7baX5_R0u-ymv-etMPw9b8nr83k63LKn5WF5Cx6Wp8OtdytND9db5rK-NX676WEXmt5mi_qPDbLYzWWjuWK1mMt2qwQAAAAAAAAAsIQ58yYAAAAAp8HsVsvdarkAEn-WusAgAAAAAAAAu-ETonOUrMQMxY0fT5TJafpbHj6z3-J3631mv8VvZQAJN1HmzZ4JYq1WyxoAAEAAGwAAIIBbN28BKpIc!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 6732 43 B
182 B 160ms
98ms Image
image/gif 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7qYkCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHLKgrWYk0oq42y03k81ouVoMBrPZYDQajIagIQvaakYirYi73XIz2YyWo-Fktdwtl4MpRBjLZTKoBRKW2e87CBo-lxsCi9F0Onyue73E7Pd57nqf2W_x23Vmv8Vv1_jdfo3D8DQ9zH7B33P6K14Pu-nv1rsllofnaXaLXLaXW_LyuCwuy1vldivttpfn9HS77Ka_560w_D1vyevzeTrcsqflYXkLHpanw613K00P11vmsr41frvpYRea3mb_6vT2d_6uy8flnrt8n7PLdHpZbqrT2992mZyut3vldjjNNtXp7e843IaH02d3z12-z-lhObnsAAAAAPAAUPW0APEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYCQGK4BAMWhoC7T6WW3ODxGfwAAPCiAAAAIYJAAFPCelgB8nM2cAAAAAAAAAACw_P___8cM0OstyACIvOf0ADz4ADwQFSAWMQIAAADIBrocOprUCZVFFQAAQboVwBUAQMAfmxa5cBgAAMDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxMCytRMCzLqiVP7BQQAWPsFBABgUzcAgDcBuKAjaMVgsDqF2A1ng91kMJzNDgAAAODu____Xw8EJhbjzLnZjWy7icnmcLicG4dlsBl5FqPVYDBZbQ8y9okKRfFCvW9CWGa_7yBo-FwG8UHDsJwMgvlN2GK0mkw2y-FsuZgMhqPhaLQ_gVwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0R5gaL4Wy4m61li4nLLRp5Jm6FzTBzi5ar4WoyMllGlsVa9PqYnpPFcGObTPFgPi7nvnbhomCA314EF-lEZXKa_paHz-y3-N16n9lv8VvEEs3JIp3ILvvCxGKcOTe7kW03MdkcDpdz47AMNiPPYrQaDCarfW-wGM6Gu9latpi43KKRZ-JW2Awzt2i5Gq4mI5NlZFmsRa-P6TlZDDe2yb4xG812y8FmN9g3ZqPZbjnY7Ab7Dp3hu_qcjbLtOeVRSTzaWkwZMx8ULoPF-5OYFtPu7KD6_Y5OoWG6LOqMxp_36DUoPAePavG3hoWdw7I625YVjoNBEUsEp4t0InoZTxexRPK0SCfC0WqxGGxMltlkNZnMZrPRZjEYDkaTyWZmMs5cE7FEabpIJ3qNw_A0Pcx-wd9z-iteD7vp79a7JZaH52l2i1y2l1vy8rgsLstb5XYr7baX5_R0u-ymv-etMPw9b8nr83k63LKn5WF5Cx6Wp8OtdytND9db5rK-NX676WEXmt5mi_qPDbLYzWWjuWK1mMt2qwQAAAAAAAAAsIQ58yYAAAAAp8HsVsvdarkAEn-WusAgAAAAAAAAu-ETonOUrMQMxY0fT5TJafpbHj6z3-J3631mv8VvZQAJN1HmzZ4JYq1WyxoAAEAAGwAAIIBbN28BKpIc!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:1045:b1b6:a84f:9c3b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 6732
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b286f232-9f4a-11ec-a9f0-1bbe6fc50506&orig=video&us_privacy=1---gdpr=1&

0
98 B

15ms
14ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b286f232-9f4a-11ec-a9f0-1bbe6fc50506&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7qYkCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHLKgrWYk0oq42y03k81ouVoMBrPZYDQajIagIQvaakYirYi73XIz2YyWo-Fktdwtl4MpRBjLZTKoBRKW2e87CBo-lxsCi9F0Onyue73E7Pd57nqf2W_x23Vmv8Vv1_jdfo3D8DQ9zH7B33P6K14Pu-nv1rsllofnaXaLXLaXW_LyuCwuy1vldivttpfn9HS77Ka_560w_D1vyevzeTrcsqflYXkLHpanw613K00P11vmsr41frvpYRea3mb_6vT2d_6uy8flnrt8n7PLdHpZbqrT2992mZyut3vldjjNNtXp7e843IaH02d3z12-z-lhObnsAAAAAPAAUPW0APEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYCQGK4BAMWhoC7T6WW3ODxGfwAAPCiAAAAIYJAAFPCelgB8nM2cAAAAAAAAAACw_P___8cM0OstyACIvOf0ADz4ADwQFSAWMQIAAADIBrocOprUCZVFFQAAQboVwBUAQMAfmxa5cBgAAMDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxMCytRMCzLqiVP7BQQAWPsFBABgUzcAgDcBuKAjaMVgsDqF2A1ng91kMJzNDgAAAODu____Xw8EJhbjzLnZjWy7icnmcLicG4dlsBl5FqPVYDBZbQ8y9okKRfFCvW9CWGa_7yBo-FwG8UHDsJwMgvlN2GK0mkw2y-FsuZgMhqPhaLQ_gVwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0R5gaL4Wy4m61li4nLLRp5Jm6FzTBzi5ar4WoyMllGlsVa9PqYnpPFcGObTPFgPi7nvnbhomCA314EF-lEZXKa_paHz-y3-N16n9lv8VvEEs3JIp3ILvvCxGKcOTe7kW03MdkcDpdz47AMNiPPYrQaDCarfW-wGM6Gu9latpi43KKRZ-JW2Awzt2i5Gq4mI5NlZFmsRa-P6TlZDDe2yb4xG812y8FmN9g3ZqPZbjnY7Ab7Dp3hu_qcjbLtOeVRSTzaWkwZMx8ULoPF-5OYFtPu7KD6_Y5OoWG6LOqMxp_36DUoPAePavG3hoWdw7I625YVjoNBEUsEp4t0InoZTxexRPK0SCfC0WqxGGxMltlkNZnMZrPRZjEYDkaTyWZmMs5cE7FEabpIJ3qNw_A0Pcx-wd9z-iteD7vp79a7JZaH52l2i1y2l1vy8rgsLstb5XYr7baX5_R0u-ymv-etMPw9b8nr83k63LKn5WF5Cx6Wp8OtdytND9db5rK-NX676WEXmt5mi_qPDbLYzWWjuWK1mMt2qwQAAAAAAAAAsIQ58yYAAAAAp8HsVsvdarkAEn-WusAgAAAAAAAAu-ETonOUrMQMxY0fT5TJafpbHj6z3-J3631mv8VvZQAJN1HmzZ4JYq1WyxoAAEAAGwAAIIBbN28BKpIc!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15826

Redirect headers

Date: Wed, 09 Mar 2022 01:46:11 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=b286f232-9f4a-11ec-a9f0-1bbe6fc50506&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 85
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 6732 43 B
220 B 22ms
9ms Image
image/gif 18.194.141.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7qYkCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHLKgrWYk0oq42y03k81ouVoMBrPZYDQajIagIQvaakYirYi73XIz2YyWo-Fktdwtl4MpRBjLZTKoBRKW2e87CBo-lxsCi9F0Onyue73E7Pd57nqf2W_x23Vmv8Vv1_jdfo3D8DQ9zH7B33P6K14Pu-nv1rsllofnaXaLXLaXW_LyuCwuy1vldivttpfn9HS77Ka_560w_D1vyevzeTrcsqflYXkLHpanw613K00P11vmsr41frvpYRea3mb_6vT2d_6uy8flnrt8n7PLdHpZbqrT2992mZyut3vldjjNNtXp7e843IaH02d3z12-z-lhObnsAAAAAPAAUPW0APEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYCQGK4BAMWhoC7T6WW3ODxGfwAAPCiAAAAIYJAAFPCelgB8nM2cAAAAAAAAAACw_P___8cM0OstyACIvOf0ADz4ADwQFSAWMQIAAADIBrocOprUCZVFFQAAQboVwBUAQMAfmxa5cBgAAMDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxMCytRMCzLqiVP7BQQAWPsFBABgUzcAgDcBuKAjaMVgsDqF2A1ng91kMJzNDgAAAODu____Xw8EJhbjzLnZjWy7icnmcLicG4dlsBl5FqPVYDBZbQ8y9okKRfFCvW9CWGa_7yBo-FwG8UHDsJwMgvlN2GK0mkw2y-FsuZgMhqPhaLQ_gVwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0R5gaL4Wy4m61li4nLLRp5Jm6FzTBzi5ar4WoyMllGlsVa9PqYnpPFcGObTPFgPi7nvnbhomCA314EF-lEZXKa_paHz-y3-N16n9lv8VvEEs3JIp3ILvvCxGKcOTe7kW03MdkcDpdz47AMNiPPYrQaDCarfW-wGM6Gu9latpi43KKRZ-JW2Awzt2i5Gq4mI5NlZFmsRa-P6TlZDDe2yb4xG812y8FmN9g3ZqPZbjnY7Ab7Dp3hu_qcjbLtOeVRSTzaWkwZMx8ULoPF-5OYFtPu7KD6_Y5OoWG6LOqMxp_36DUoPAePavG3hoWdw7I625YVjoNBEUsEp4t0InoZTxexRPK0SCfC0WqxGGxMltlkNZnMZrPRZjEYDkaTyWZmMs5cE7FEabpIJ3qNw_A0Pcx-wd9z-iteD7vp79a7JZaH52l2i1y2l1vy8rgsLstb5XYr7baX5_R0u-ymv-etMPw9b8nr83k63LKn5WF5Cx6Wp8OtdytND9db5rK-NX676WEXmt5mi_qPDbLYzWWjuWK1mMt2qwQAAAAAAAAAsIQ58yYAAAAAp8HsVsvdarkAEn-WusAgAAAAAAAAu-ETonOUrMQMxY0fT5TJafpbHj6z3-J3631mv8VvZQAJN1HmzZ4JYq1WyxoAAEAAGwAAIIBbN28BKpIc!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.141.235 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-141-235.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 13ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A11.259&type=info&msg=%7B%22name%22%3A%22Below%20Article%20Thumbnails%22%2C%22nb%22%3A%22%22%2C%22eof%22%3A%22true%22%2C%22fti%22%3A%22%22%2C%22vsm%22%3Afalse%7D&llvl=2&id=3562&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=24&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15987

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A11.261&type=info&msg=Start%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%202&llvl=2&id=7498&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=25&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15987

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A11.263&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%202&llvl=2&id=1862&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=26&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15987

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A11.263&type=info&msg=%7B%22name%22%3A%22Below%20Article%20Thumbnails%22%2C%22nb%22%3A%22%22%2C%22eof%22%3A%22true%22%2C%22fti%22%3A%22%22%2C%22vsm%22%3Afalse%7D&llvl=2&id=738&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=27&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15987

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A11.270&type=info&msg=Start%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%203&llvl=2&id=6347&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=28&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15595

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 15ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A11.271&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%203&llvl=2&id=1659&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=29&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15595

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A11.273&type=info&msg=Start%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%204&llvl=2&id=1833&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=30&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15595

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A11.290&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%204&llvl=2&id=9832&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=31&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15595

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A11.293&type=info&msg=Start%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%205&llvl=2&id=1514&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=32&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15163

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A11.294&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%205&llvl=2&id=511&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=33&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15163

GET
H2 200 optout_check Show response
beacon.krxd.net/ 78 B
237 B 37ms
36ms Script
text/javascript 99.80.96.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.globo.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.96.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-96-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0a41ebd2c5a342d0d3d1cb028cadcbe2ce860e955fae5924bfc4ab7d394bf8a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=69 t=1646790371
x-served-by: beacon-n020-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 363 B
506 B 105ms
104ms Script
text/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&technographics=1&callback=Krux.ns.globo.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0a897a82ff5986b4068f83a629339fe6107896e2caa458fa23517455126902a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Wed, 09 Mar 2022 01:46:11 GMT
content-encoding: gzip
age: 0
x-served-by: userdata-a007-ash-prod.krxd.net, cache-hhn4076-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1646790371.366949,VS0,VE98
content-length: 278
x-cache-hits: 0, 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 13D1 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1Fh4Hcg81vWekC-5w1nHCUMbrNt2n5pAa3bKF489A_da1GGYh9l1jsUQhuLJ70nL4TwirhlJaj6TReb35MVvXp_XBt-jAKR5-40mwN9h_aSTxd-uB&sig=Cg0ArKJSzFx3hn-ePq6VEAE&id=lidar2&mcvt=1141&p=133,436,223,1164&mtos=1141,1141,1141,1141,1141&tos=1141,0,0,0,0&v=20220307&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=436941508&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646790369702&rpt=495&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 22ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A11.396&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%202&llvl=2&id=1983&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=34&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 16515

POST
H2 204 bulk-metrics Show response
am-trc-events.taboola.com/editoraglobo-oglobo/log/3/ 0
251 B 22ms
14ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/3/bulk-metrics?route=AM%3AAM%3AV&lti=deflated&bulkSize=4
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://blogs.oglobo.globo.com
pragma: no-cache
date: Wed, 09 Mar 2022 01:46:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 22ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A11.398&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%203&llvl=2&id=7708&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=35&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 16515

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 20ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A11.399&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%204&llvl=2&id=6770&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=36&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 16515

GET
H2 204 debug
am-trc-events.taboola.com/editoraglobo-oglobo/log/2/ 0
89 B 18ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/editoraglobo-oglobo/log/2/debug?tim=01%3A46%3A11.399&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%205&llvl=2&id=3708&cv=20220308-6-RELEASE&lt=deflated&uuid=dc3eef7049575035f6c72adaa068cbe7ef36d7863fda065855cc61979e7713ce&dcc=37&pct=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 16515

POST
H2 200 wl Show response
t.pubmatic.com/ Frame E9CE 17 B
187 B 55ms
18ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=157163
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:11 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

POST
H2 200 wl Show response
t.pubmatic.com/ Frame A565 17 B
99 B 61ms
33ms XHR
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=157163
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4984/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:11 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 17
expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5406 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6qMR4gYoYt7KFN2Q7_UP4r-BmA8AAAAAOAHgBAI&bg=!jI-lj8vNAAb7UztL-1M7ACkAdvg8WrxZn2kbLCIcivWeGODpOAYUyD781mmgKbGXM84RbEDNbjZENgIAAAG4UgAAAANoAQeZA0pDMLwu5uNYodlES9CodpoFYqrT0Q40GuyR2DwhsNdI8COTqpYRyHXmbcFookPCxySrfULlTf8LVLmU5eRqhvk5ziOAewfX5yNhe-pB2jH1j_A72Pcpo_nVf1OE4jjRFFkU6lltwCUgkTm1HlfZYMssYQyR7eitkGMQHrhKqdehI-2kbC_qTTljwXbrLjslcFEWQnd8cNpLHrwjg-yU4VUGOYW5IySLxfhy5izMFFFjMMOZhgeMEXgSxRZAJxmpZ0zwvdg_5OSfUnNV3dw3mUuERCOdhpVXnXAIwppMA8GjXQYT43zkWF-yvyNxDkg1xKjKoW2KEd_vP8KhdUwsa2HYZBShuULH_Y81J27LfrtKAO0dyu1jh7Mi99JKYLIifsT0HvkY-XgdI4mM67cOwbHh0at6bKZFL8R5WS9P1hVs0F8f-PsXnLeZgSI1FQQGx3LlpVpZ6za8p7LAKnQg-eh3RHHFp0-4WZ04MCNTAgF5rN1x7NGHgBFBlvH4UQy12wziXPxqXsMOak-3NLphKrA_HSqDLC5zAPzlfdxfj_4vKV7Rwy6DBDK7ov3fqh1k26003350GajHTE6il6F9Dolg6ohY9wxYoLfLbSq_7cW3JHbVjyF652wgIAvCW3ql5g2j-tXVxGPy8Qj4ybutGdfW38jGVmUOrl239_UuqULyTZImjH1DnP1M2ZwVLNiIyFrRbICo1artPV_y9hMlek73WMfT1TSrJ-seN7PyoJUChM7DgISk8FSHIwybZNF41HyfsVU0ZN3VIPwIjGcDc0M9kOLoKo9h7dnNu16lxvgyboQ8quKs_HdJLJwFLxQ9YXa25FnxxZbZ1Xceyc3vsPHVyqXrE080sZ1ZEN0kbKtzWAybtWhxSACHmx6CurkMpdAZSmVMWwoZCpC2X3MmOdUe_AxoFJSoiYIAfJWfSy6HVAPfX5_6uWWGPHnhte-xDKhLziYdwrKUsoqEVxufOwQOvjFPVQ832VWGK7OjlQVlHD_L2MnYlewM-poWsow1Rn35IIOW4G958jL-2FjcC2iT1CAfZJh7Wi2jMktdnnOAjlOgLZm8LYviNxtINJiW0JtoQ3SfBQ-EW48hfB-ALZAMOxxStBMom0xMvg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 events Show response
api.deep.bi/v1/streams/EJntYTLE3eKP/ 0
58 B 58ms
58ms XHR
text/plain 2606:4700:10::6816:29b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Requested by

Host: api.deep.bi
URL: https://api.deep.bi/v3/init.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:29b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
Authorization: bearer Da16NqKwj2619hxwdhdGH9u1
Content-Type: application/json

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
cf-ray: 6e9022ade92601f8-ZRH

OPTIONS
H2 204 events
api.deep.bi/v1/streams/EJntYTLE3eKP/ Frame 0
0 56ms
56ms Preflight 2606:4700:10::6816:29b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.deep.bi/v1/streams/EJntYTLE3eKP/events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:29b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://blogs.oglobo.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With,Device-Stock-UA,X-Device-User-Agent,X-Operamini-Phone-UA
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e9022ad8e62cc4e-ZRH

GET
H2 200 5007d44e-09d1-49b7-8c99-6b1cc38c3cbc Show response
consumer.krxd.net/consent/get/ 220 B
308 B 36ms
36ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_1
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e772810d3abfe36e743e98b36a86c95297aa589613cec8cd68f7a97b442b52df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a012-dub-prod.krxd.net, cache-hhn4082-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1646790371.479196,VS0,VE30
content-length: 185
x-cache-hits: 0, 0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 8471
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

22ms
6ms

Document
text/html

104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7qYkCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHLKgrWYk0oq42y03k81ouVoMBrPZYDQajIagIQvaakYirYi73XIz2YyWo-Fktdwtl4MpRBjLZTKoBRKW2e87CBo-lxsCi9F0Onyue73E7Pd57nqf2W_x23Vmv8Vv1_jdfo3D8DQ9zH7B33P6K14Pu-nv1rsllofnaXaLXLaXW_LyuCwuy1vldivttpfn9HS77Ka_560w_D1vyevzeTrcsqflYXkLHpanw613K00P11vmsr41frvpYRea3mb_6vT2d_6uy8flnrt8n7PLdHpZbqrT2992mZyut3vldjjNNtXp7e843IaH02d3z12-z-lhObnsAAAAAPAAUPW0APEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYCQGK4BAMWhoC7T6WW3ODxGfwAAPCiAAAAIYJAAFPCelgB8nM2cAAAAAAAAAACw_P___8cM0OstyACIvOf0ADz4ADwQFSAWMQIAAADIBrocOprUCZVFFQAAQboVwBUAQMAfmxa5cBgAAMDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxMCytRMCzLqiVP7BQQAWPsFBABgUzcAgDcBuKAjaMVgsDqF2A1ng91kMJzNDgAAAODu____Xw8EJhbjzLnZjWy7icnmcLicG4dlsBl5FqPVYDBZbQ8y9okKRfFCvW9CWGa_7yBo-FwG8UHDsJwMgvlN2GK0mkw2y-FsuZgMhqPhaLQ_gVwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0R5gaL4Wy4m61li4nLLRp5Jm6FzTBzi5ar4WoyMllGlsVa9PqYnpPFcGObTPFgPi7nvnbhomCA314EF-lEZXKa_paHz-y3-N16n9lv8VvEEs3JIp3ILvvCxGKcOTe7kW03MdkcDpdz47AMNiPPYrQaDCarfW-wGM6Gu9latpi43KKRZ-JW2Awzt2i5Gq4mI5NlZFmsRa-P6TlZDDe2yb4xG812y8FmN9g3ZqPZbjnY7Ab7Dp3hu_qcjbLtOeVRSTzaWkwZMx8ULoPF-5OYFtPu7KD6_Y5OoWG6LOqMxp_36DUoPAePavG3hoWdw7I625YVjoNBEUsEp4t0InoZTxexRPK0SCfC0WqxGGxMltlkNZnMZrPRZjEYDkaTyWZmMs5cE7FEabpIJ3qNw_A0Pcx-wd9z-iteD7vp79a7JZaH52l2i1y2l1vy8rgsLstb5XYr7baX5_R0u-ymv-etMPw9b8nr83k63LKn5WF5Cx6Wp8OtdytND9db5rK-NX676WEXmt5mi_qPDbLYzWWjuWK1mMt2qwQAAAAAAAAAsIQ58yYAAAAAp8HsVsvdarkAEn-WusAgAAAAAAAAu-ETonOUrMQMxY0fT5TJafpbHj6z3-J3631mv8VvZQAJN1HmzZ4JYq1WyxoAAEAAGwAAIIBbN28BKpIc!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 09 Mar 2022 01:46:11 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
date: Wed, 09 Mar 2022 01:46:11 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame F575
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

23ms
7ms

Document
text/html

104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7qYkCFgOX8rHlp7JABgSX8rHlp7JABgUAAAAGBvQHHLKgrWYk0oq42y03k81ouVoMBrPZYDQajIagIQvaakYirYi73XIz2YyWo-Fktdwtl4MpRBjLZTKoBRKW2e87CBo-lxsCi9F0Onyue73E7Pd57nqf2W_x23Vmv8Vv1_jdfo3D8DQ9zH7B33P6K14Pu-nv1rsllofnaXaLXLaXW_LyuCwuy1vldivttpfn9HS77Ka_560w_D1vyevzeTrcsqflYXkLHpanw613K00P11vmsr41frvpYRea3mb_6vT2d_6uy8flnrt8n7PLdHpZbqrT2992mZyut3vldjjNNtXp7e843IaH02d3z12-z-lhObnsAAAAAPAAUPW0APEDCAAQAQAAACABAAAAQBFQ8W8hcAEAAACAAYCQGK4BAMWhoC7T6WW3ODxGfwAAPCiAAAAIYJAAFPCelgB8nM2cAAAAAAAAAACw_P___8cM0OstyACIvOf0ADz4ADwQFSAWMQIAAADIBrocOprUCZVFFQAAQboVwBUAQMAfmxa5cBgAAMDA2AI9LH6_2WHX-N0uAwAAAAAAAAAw-z_7RxMCytRMCzLqiVP7BQQAWPsFBABgUzcAgDcBuKAjaMVgsDqF2A1ng91kMJzNDgAAAODu____Xw8EJhbjzLnZjWy7icnmcLicG4dlsBl5FqPVYDBZbQ8y9okKRfFCvW9CWGa_7yBo-FwG8UHDsJwMgvlN2GK0mkw2y-FsuZgMhqPhaLQ_gVwOcCIGy-VkspjsVqPVaDPcjWaDBQrEYIIULRpMVqPRZDEZrkaT1Wy52O02SNGq1Wy0GQxXs8lst1sNB8PlaIQTthitJpPNcjhbLiaD4Wg4Gg0R5gaL4Wy4m61li4nLLRp5Jm6FzTBzi5ar4WoyMllGlsVa9PqYnpPFcGObTPFgPi7nvnbhomCA314EF-lEZXKa_paHz-y3-N16n9lv8VvEEs3JIp3ILvvCxGKcOTe7kW03MdkcDpdz47AMNiPPYrQaDCarfW-wGM6Gu9latpi43KKRZ-JW2Awzt2i5Gq4mI5NlZFmsRa-P6TlZDDe2yb4xG812y8FmN9g3ZqPZbjnY7Ab7Dp3hu_qcjbLtOeVRSTzaWkwZMx8ULoPF-5OYFtPu7KD6_Y5OoWG6LOqMxp_36DUoPAePavG3hoWdw7I625YVjoNBEUsEp4t0InoZTxexRPK0SCfC0WqxGGxMltlkNZnMZrPRZjEYDkaTyWZmMs5cE7FEabpIJ3qNw_A0Pcx-wd9z-iteD7vp79a7JZaH52l2i1y2l1vy8rgsLstb5XYr7baX5_R0u-ymv-etMPw9b8nr83k63LKn5WF5Cx6Wp8OtdytND9db5rK-NX676WEXmt5mi_qPDbLYzWWjuWK1mMt2qwQAAAAAAAAAsIQ58yYAAAAAp8HsVsvdarkAEn-WusAgAAAAAAAAu-ETonOUrMQMxY0fT5TJafpbHj6z3-J3631mv8VvZQAJN1HmzZ4JYq1WyxoAAEAAGwAAIIBbN28BKpIc!&cmcv=&pix=undefined&cb=1646790370977&uv=3137&tms=1646790370977&abt=aat1_vA!adh5c-1_vA!eidc_vB!iiqd1_vB!iiqd2_vB!iiqd5_vB!nrlc_vA!pblc_vE!scec9_vB!spa2_vA!t45!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=2A65FD4E87793234951006604404&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 09 Mar 2022 01:46:11 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
date: Wed, 09 Mar 2022 01:46:11 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
336 B 29ms
29ms Image
text/plain 99.80.96.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=sexqhznbn&_kpid=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&_kcp_s=Infoglobo&_kcp_d=oglobo.globo.com&_knifr=15&_kua_kx_tz=0&geo_country=de&geo_region=by&geo_dma=276005&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_glbdt_utype=anonymous&_kua_dmp_globo_id=221163472121794115689&_kua_kx_tech_browser=Chrome%209&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=de&_kua_kx_geo_region=by&_kua_kx_geo_dma=276005&_kpa_meta_keywordsDELIM=%2C&_kpa_kx_context_terms=Nu7TXOxh%3A1%2CNu7TU16i%3A1%2CNu7TXGRd%3A1%2CNu7TXc5X%3A1&_kpa_url_path_1=capital&_kpa_url_path_2=post&_kpa_url_path_3=quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&_kpa_meta_site_name=Capital%20-%20O%20Globo&_kpa_title=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&_kpa_full_path=blogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta&_kpa_subdomain=blogs&_kpa_domain=oglobo&_kpa_utag_editoria=economia%2Fcapital&_kpa_utag_page_type=post&_kpa_utag_produto=O%20Globo&_kpa_oglobo_utm_origem=newsletter&_kpa_oglobo_utm_midia=email&_kpa_oglobo_utm_campanha=newstarde&_kpa_browser_name=Chrome&t_navigation_type=0&t_dns=6&t_tcp=465&t_http_request=-1&t_http_response=457&t_content_ready=5507&t_window_load=0&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=w7nfauer1&_kurl_=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&userdata_user=OtNDA5e_%2Cw7nfauer1&sview=1&kplt0=19929&kplt1=19930&kplt2=19936&kplt3=27202&kplt4=30153&kplt5=32767&kplt6=35254&kplt7=38352&kplt8=38515&kplt9=43900&kplt11=46183&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5007d44e-09d1-49b7-8c99-6b1cc38c3cbc%2C106%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C118%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C126%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5007d44e-09d1-49b7-8c99-6b1cc38c3cbc%2CNaN
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.96.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-96-31.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
cache-control: private, no-cache, no-store
x-request-time: D=152 t=1646790371
x-served-by: beacon-n002-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 467226423720066 Show response
connect.facebook.net/signals/config/ 308 KB
87 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/467226423720066?v=2.9.55&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ebacea4c728a8c1b0a5cfd83354b869a559c69fe5756cada162562c1ae37cf8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89565
x-xss-protection: 0
pragma: public
x-fb-debug: pKc8KCbxbQmQsVMIOwBcD4zHDZ8V3c59zx1p5tR8oZpuml4V5Yjzi7NbRzUnaua9VBIO+3Yx+dq8/wmt1UFngA==
x-frame-options: DENY
date: Wed, 09 Mar 2022 01:46:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8471 32 KB
10 KB 8ms
8ms Script
text/html 104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a8377a9082c8d825d0b0201d27c3c2c87638da830ac18482477240dfecff6baf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=35965
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9536
Expires: Wed, 09 Mar 2022 11:45:36 GMT

POST
H2 204 bulk Show response
trc.taboola.com/editoraglobo-oglobo/log/3/ 0
148 B 22ms
22ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/editoraglobo-oglobo/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=8
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://blogs.oglobo.globo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
pragma: no-cache
date: Wed, 09 Mar 2022 01:46:11 GMT
via: 1.1 varnish
server: nginx
x-timer: S1646790372.554443,VS0,VE10
x-served-by: cache-hhn4058-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F575 32 KB
10 KB 7ms
6ms Script
text/html 104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a8377a9082c8d825d0b0201d27c3c2c87638da830ac18482477240dfecff6baf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=35965
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9536
Expires: Wed, 09 Mar 2022 11:45:36 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=410270039520634&ev=PageView&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&rl=&if=false&ts=1646790371561&sw=1600&sh=1200&v=2.9.55&r=stable&ec=4&o=30&fbp=fb.1.1646790367961.1756370098&it=1646790367771&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 09 Mar 2022 01:46:11 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=467226423720066&ev=PageView&dl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde&rl=&if=false&ts=1646790371562&sw=1600&sh=1200&v=2.9.55&r=stable&ec=0&o=30&fbp=fb.1.1646790367961.1756370098&it=1646790367771&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 09 Mar 2022 01:46:11 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 8471 0
239 B 7ms
6ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---&khaos=L0IWGSG0-19-46XQ
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

GET
H2 200 graphql Show response
oglobo.comentarios.globo.com/api/ Frame 188C 205 B
482 B 249ms
248ms Fetch
application/json 131.0.25.85
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.comentarios.globo.com/api/graphql?query=&id=26ec6fb6706a50ae3e592654f5dc4518&variables=%7B%22storyID%22%3Anull%2C%22storyURL%22%3A%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%22%7D

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/js/vendors~account~admin~auth~install~stream.fed0baa2de5aacf2dc8768b3dc3f5563.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.0.25.85 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

87fc19b38882ef0742e284a9e0b04fcb6852c1a1d43547c50fb54d89d5390f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&v=6.7.1&ts=1646790300000&initialWidth=700&childId=box-comments&parentTitle=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
X-Coral-Client-ID: b2ac37f0-9f4a-11ec-8bae-d9165eac79d3
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: b2c5b360-9f4a-11ec-8865-37e0f9787607
date: Wed, 09 Mar 2022 01:46:11 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
etag: W/"cd-7Ke5pVkoV+P6sBwCFGXiDbhygco"
vary: Accept-Encoding
content-language: pt-BR
x-content-type-options: nosniff
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type
x-xss-protection: 1; mode=block

GET
H2 200 graphql Show response
oglobo.comentarios.globo.com/api/ Frame 188C 2 KB
1 KB 258ms
257ms Fetch
application/json 131.0.25.85
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.comentarios.globo.com/api/graphql?query=&id=81fcfa8ace817dce2f37c314891440d5&variables=%7B%22storyID%22%3Anull%2C%22storyURL%22%3A%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%22%2C%22storyMode%22%3Anull%7D

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.0.25.85 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

8a4ce6003de8e3bdbd6e49e45ae481f8691b3acc92877f65bc79f779f1f475d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&v=6.7.1&ts=1646790300000&initialWidth=700&childId=box-comments&parentTitle=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
X-Coral-Client-ID: b2ac37f0-9f4a-11ec-8bae-d9165eac79d3
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: b2c47ae0-9f4a-11ec-99f0-61371d430d7b
date: Wed, 09 Mar 2022 01:46:11 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
etag: W/"89f-5HClTtmozRuG8gldQDye4h+iuQo"
vary: Accept-Encoding
content-language: pt-BR
x-content-type-options: nosniff
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type
x-xss-protection: 1; mode=block

GET
H2 200 bold.woff2
s3.glbimg.com/cdn/fonts/opensans/ Frame 188C 10 KB
11 KB 676ms
225ms Font
application/octet-stream 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/opensans/bold.woff2
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk-styles/2.2.1/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b

Request headers

Referer: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk-styles/2.2.1/style.css
Origin: https://oglobo.comentarios.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:12 GMT
x-openstack-request-id: txc101e365bfde43c7983b4-00619540c5
last-modified: Tue, 25 Jun 2019 17:35:22 GMT
x-thanos: 0AB47187
etag: 8593a5a07cf620d4512fcb71cbcd07a6
vary: Accept-Encoding, Origin
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
cache-control: public, max-age=31536000
content-length: 10284
accept-ranges: bytes
x-trans-id: txc101e365bfde43c7983b4-00619540c5
x-request-id: 04a4c49a-6e4a-4cce-8ad2-6df0ec7efd88
x-timestamp: 1561484121.35690

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F902 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuT0f0jm0XgC56_Nwr0glZoYQqgTZTzz8PdY-Co5hYDvKyBXYEEhMXVljCGTmJpCuxWJVfv4j0hKi8lExKET-M9itvI8GLV0KDRsWk2&sai=AMfl-YRKO16LQlWU1Jo24wtzGeLU4Dvvb1sNBQ441JI_QadtDa1uJqLXtY-NPDXQE3OErepck9DNMJmHaxdb6YL9hGvW2nBCWHJM6DfkeTh78M2lcN-wUJZUN9FzmCU&sig=Cg0ArKJSzNSsS8H2vYKdEAE&cid=CAASJORo4cuMPB86eBVxrtSOXtKTsaINoxry6MojFIGB1Dcpmmu_Vw&id=lidar2&mcvt=1001&p=307,1126,557,1426&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220307&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1386723900&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646790370142&rpt=451&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
733 B 7ms
6ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 9112
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: yeuhtSaIHTRzn5Sb/BhoRbmorY6jlIGKTN3jBjNJ2gjscig6jQv3GZOmCUvDSqzUCzHWH69H00k=
x-served-by: cache-hhn4058-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1646790372.658024,VS0,VE0
date: Wed, 09 Mar 2022 01:46:11 GMT
x-amz-request-id: DM4PBFJ9QH08DD7N
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 66
x-cache-hits: 407

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8471
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWUxMTk5ZGQxMmRlMTEyMzk2YzQ3Y2U5ODA5Njk0OGVkMTAxNmJhNw&gdpr=1&us_privacy=1---

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWUxMTk5ZGQxMmRlMTEyMzk2YzQ3Y2U5ODA5Njk0OGVkMTAxNmJhNw&gdpr=1&us_privacy=1---

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWUxMTk5ZGQxMmRlMTEyMzk2YzQ3Y2U5ODA5Njk0OGVkMTAxNmJhNw&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8471
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBJV0dTRzAtMTktNDZYUQ==&gdpr=1&us_privacy=1---

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBJV0dTRzAtMTktNDZYUQ==&gdpr=1&us_privacy=1---

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBJV0dTRzAtMTktNDZYUQ==&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 8471
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/UkCHdedJmBFlMsRelYNrOsn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3667112822504831445

0
239 B

7ms
7ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3667112822504831445
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

Redirect headers

date: Wed, 09 Mar 2022 01:46:11 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3667112822504831445
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 8471 0
0 16ms
14ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?gdpr=1&us_privacy=1---
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 8471
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEP_9UXDAsChM_IhgSoxvv50&google_cver=1

0
239 B

7ms
6ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEP_9UXDAsChM_IhgSoxvv50&google_cver=1
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEP_9UXDAsChM_IhgSoxvv50&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 8471 70 B
264 B 29ms
28ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:11 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 8471
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0IWGSG0-19-46XQ&gdpr=1&us_privacy=1---

0
729 B

219ms
202ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0IWGSG0-19-46XQ&gdpr=1&us_privacy=1---
Requested by: Host: blogs.oglobo.globo.com
URL: https://blogs.oglobo.globo.com/capital/post/quanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html?utm_source=newsletter&utm_medium=email&utm_campaign=newstarde
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 87365BF413814ECE9A2F405CCE9BA337 Ref B: FRAEDGE0717 Ref C: 2022-03-09T01:46:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-source-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXZv0MhSeH2XcZgXJy4aA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0IWGSG0-19-46XQ&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 8471
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&gdpr=1&us_privacy=1---
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0IWGSG0-19-46XQ&sigv=1&esig=2~6a4947876532a172aeb98c2874addfa64e878378&gdpr=1&us_privacy=1---

0
194 B

62ms
20ms

Image
text/plain

2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0IWGSG0-19-46XQ&sigv=1&esig=2~6a4947876532a172aeb98c2874addfa64e878378&gdpr=1&us_privacy=1---

Requested by

Protocol

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0IWGSG0-19-46XQ&sigv=1&esig=2~6a4947876532a172aeb98c2874addfa64e878378&gdpr=1&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 64ms
30ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.113.js

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
server: nginx
etag: W/"6138b197-1532d"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Mar 2022 01:46:11 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 97 KB
31 KB 45ms
16ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:11 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 21:31:17 GMT
server: nginx
etag: W/"62194aa5-18342"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 10 Mar 2022 01:46:11 GMT

GET
H2 200 graphql Show response
oglobo.comentarios.globo.com/api/ Frame 188C 1 KB
1 KB 257ms
257ms Fetch
application/json 131.0.25.85
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://oglobo.comentarios.globo.com/api/graphql?query=&id=cf0bfa0e60dd576a3908cde9a42cd1f0&variables=%7B%22storyID%22%3Anull%2C%22storyURL%22%3A%22https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%22%2C%22commentsOrderBy%22%3A%22CREATED_AT_DESC%22%2C%22tag%22%3Anull%2C%22storyMode%22%3Anull%2C%22flattenReplies%22%3Afalse%2C%22ratingFilter%22%3Anull%7D

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

131.0.25.85 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

60bf46d74b330ef8bcaad1baa8e57ed85025fed42d27e2813a94fad993be49d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://oglobo.comentarios.globo.com/embed/stream?storyURL=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html&v=6.7.1&ts=1646790300000&initialWidth=700&childId=box-comments&parentTitle=Quanto%20o%20Brasil%20deve%20receber%20em%20investimentos%20ap%C3%B3s%20R%C3%BAssia%20virar%20p%C3%A1ria%3F%20O%20Ita%C3%BA%20fez%20a%20conta%20%7C%20Capital%20-%20O%20Globo&parentUrl=https%3A%2F%2Fblogs.oglobo.globo.com%2Fcapital%2Fpost%2Fquanto-o-brasil-deve-receber-em-investimentos-apos-russia-virar-paria-o-itau-fez-conta.html%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dnewstarde
X-Coral-Client-ID: b2ac37f0-9f4a-11ec-8bae-d9165eac79d3
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: b2f1f380-9f4a-11ec-b835-79da0d1547c2
date: Wed, 09 Mar 2022 01:46:12 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
etag: W/"5d7-EcQwzCqZmiE84eTd32ivWgEQZYQ"
vary: Accept-Encoding
content-language: pt-BR
x-content-type-options: nosniff
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type
x-xss-protection: 1; mode=block

POST
H3 204 csi
csi.gstatic.com/ Frame E42F 0
17 B 28ms
13ms Ping
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l0iwgu23&c=7315070300736&slotId=3657535150368&qqid=CI73hpj0t_YCFdGydwod6UcNkg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=864&mt=video%2Fmp4&vs=720x720&ulv=1&cll=0&vmfc=13&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C43%2C44%2C692%2C59%2C342%2C343%2C345%2C346&webm=2&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=346&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211103_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://61b43f64882178cd815079e2345f2294.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:11 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 player.min.js Show response
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/ 2 MB
556 KB 226ms
226ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js
Requested by: Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 5042161c4a24ceca086995677e9d8a23e7270065023c81dafee83efbb95cf18a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:12 GMT
content-encoding: gzip
x-openstack-request-id: txf9b8a70d22854467ada95-006228021b
last-modified: Thu, 03 Feb 2022 14:54:40 GMT
x-thanos: 0AB47184
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1643898583.000000
x-timestamp: 1643900079.58871
cache-control: public, max-age=1800
content-type: application/javascript
x-trans-id: txf9b8a70d22854467ada95-006228021b
x-request-id: e86c2acf-01da-428a-b4b2-5ad1ab8da675

GET
H2 200 regular.woff2
s3.glbimg.com/cdn/fonts/opensans/ Frame 188C 10 KB
11 KB 576ms
450ms Font
application/octet-stream 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/opensans/regular.woff2
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk-styles/2.2.1/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Request headers

Referer: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk-styles/2.2.1/style.css
Origin: https://oglobo.comentarios.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:12 GMT
x-openstack-request-id: txd2fa11e397e84dbb9bbcc-00619540c4
last-modified: Tue, 25 Jun 2019 17:36:35 GMT
x-thanos: 0AB47187
etag: 4124088fdd8c315a6d096b65b6cbf428
vary: Accept-Encoding, Origin
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
cache-control: public, max-age=31536000
content-length: 10352
accept-ranges: bytes
x-trans-id: txd2fa11e397e84dbb9bbcc-00619540c4
x-request-id: 2962ad38-c5a5-40d0-a46a-2faa01ab3d5e
x-timestamp: 1561484194.26376

GET
H2 200 MaterialIcons-Regular.570eb83859dc23dd0eec423a49e147fe.woff2
s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/media/ Frame 188C 43 KB
44 KB 798ms
673ms Font
application/octet-stream 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/media/MaterialIcons-Regular.570eb83859dc23dd0eec423a49e147fe.woff2
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/css/stream.48fcab9847bb8f1bdf1cbf7c6c22b202.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726

Request headers

Referer: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk/468bac22966b4d190f48fe7582fa339108ffcf90/assets/css/stream.48fcab9847bb8f1bdf1cbf7c6c22b202.css
Origin: https://oglobo.comentarios.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:12 GMT
x-openstack-request-id: txd8ebc3e8fdfc4fa2b5c72-0061e45acc
x-trans-id: txd8ebc3e8fdfc4fa2b5c72-0061e45acc
content-length: 44300
x-request-id: 394250b4-9773-4869-b14a-6eb329493c9c
last-modified: Thu, 28 Jan 2021 18:10:09 GMT
x-thanos: 0AB47187
etag: 570eb83859dc23dd0eec423a49e147fe
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1611856603.000000
access-control-allow-origin: https://oglobo.comentarios.globo.com
x-timestamp: 1611857408.77746
cache-control: public, max-age=5184000
accept-ranges: bytes
content-type: application/octet-stream
access-control-expose-headers: x-trans-id, content-language, x-object-meta-mtime, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id

GET
H2 200 semibold.woff2
s3.glbimg.com/cdn/fonts/opensans/ Frame 188C 16 KB
16 KB 573ms
448ms Font
application/font-woff2 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/opensans/semibold.woff2
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk-styles/2.2.1/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca

Request headers

Referer: https://s3.glbimg.com/v1/AUTH_c5dfc0eef7ee40d68bdd0993be881440/coral-talk-styles/2.2.1/style.css
Origin: https://oglobo.comentarios.globo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:12 GMT
x-openstack-request-id: tx0c33909d1bcd439985b5a-00619540c6
last-modified: Tue, 25 Jun 2019 17:36:47 GMT
x-thanos: 0AB47187
etag: 365c53275ca5dad1584b7e0bd3a46c1e
vary: Accept-Encoding, Origin
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
cache-control: public, max-age=31536000
content-length: 16172
accept-ranges: bytes
x-trans-id: tx0c33909d1bcd439985b5a-00619540c6
x-request-id: 9c50a22c-3b9f-4a14-bef0-cc9c84b28642
x-timestamp: 1561484206.27623

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 54D9 0
15 B 7ms
6ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://blogs.oglobo.globo.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://blogs.oglobo.globo.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0
date: Wed, 09 Mar 2022 01:46:12 GMT

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 367 KB
122 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7492476dfa60f0146889b13e37c67fd1a70e42e6ddb017c0c08e25148fd8985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124424
x-xss-protection: 0
expires: Wed, 09 Mar 2022 01:46:12 GMT

GET
H3 200 ima3_dai.js Show response
imasdk.googleapis.com/js/sdkloader/ 427 KB
142 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3_dai.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5141781ae3fd5addc6cfe635f6d63ff49c618c8b4de29c02050bfb1c1c20c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145086
x-xss-protection: 0
expires: Wed, 09 Mar 2022 01:46:12 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 7ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 3246
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: d2c+S+ILbil9YoWV0pdRt5sw8P0XC/NhHYbhmL4aRwQla6EAzDzo1EmADmZOYSNh2V3J9hbip1I=
x-served-by: cache-hhn4058-HHN
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1646790372.472569,VS0,VE0
date: Wed, 09 Mar 2022 01:46:12 GMT
vary: Accept-Encoding
x-amz-request-id: 6CY1FG8Q11T7G8KE
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 66
x-cache-hits: 1110

GET
H2 200 eid.js Show response
cdn.taboola.com/scripts/ 14 KB
5 KB 7ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220308-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82f3e86bf88366e93c62eb14a8a7aa06afb75aa135c27988f3ccb946875d2f33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: Rgk6TX83.a2Xbi9.mRUycMEPnxVzEJhe
content-encoding: gzip
etag: "f7917ed1eb799a729725a7db50d1f828"
age: 1799
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5258
x-amz-id-2: Rhh0WCO+nH/zCfz3jMuRc6c0XnxbSs+HWO0GK9r2x4mf5YFhPlfQqTSv3iCD1wQHcZnxVg9CFQU=
x-served-by: cache-hhn4058-HHN
last-modified: Tue, 28 Dec 2021 08:10:40 GMT
server: AmazonS3
x-timer: S1646790372.472628,VS0,VE0
date: Wed, 09 Mar 2022 01:46:12 GMT
vary: Accept-Encoding
x-amz-request-id: 4QYNQ0077R21PYSA
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 66
x-cache-hits: 590

GET
H2 200 / Show response
pips.taboola.com/ 64 B
245 B 64ms
18ms XHR
text/plain 2a04:4e42:200::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: de3e774a6744e4da1ae6e90e171728d0d3dd0a4584bc0dc3e5b2ff5daf5ae45b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:12 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-mxp6961-MXP
access-control-allow-methods: GET
access-control-allow-origin: https://blogs.oglobo.globo.com
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 259ms
86ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=70186876-61be-4d3b-af0f-495852dd2d21-tuct9218c62&uad=d4924fad2d1c392eb9c0e3e0184186fbb9f5d5f6d45a8600f506a5629cdf20ca
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 09 Mar 2022 01:46:12 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame D1ED 52 KB
17 KB 28ms
7ms Document
text/html 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Thu, 10 Mar 2022 01:46:15 GMT
Date: Wed, 09 Mar 2022 01:46:13 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 850B 15 KB
6 KB 18ms
17ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=36444
expires: Wed, 09 Mar 2022 11:53:37 GMT
date: Wed, 09 Mar 2022 01:46:13 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 0D52 281 B
554 B 7ms
6ms Document
text/html 104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 09 Mar 2022 01:46:13 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0D52 32 KB
10 KB 7ms
7ms Script
text/html 104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a8377a9082c8d825d0b0201d27c3c2c87638da830ac18482477240dfecff6baf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=35963
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9536
Expires: Wed, 09 Mar 2022 11:45:36 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 850B 2 KB
3 KB 155ms
155ms Script
text/html 192.82.242.209
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=59227342&p=157163&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.82.242.209 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: fe8fcc5399c124251de06ff1edbe467e30321eceea81479f25d8103fe1e04522

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:13 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D1ED 0
743 B 13ms
12ms Script
text/html 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:13 GMT
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8b35e635-79f8-484e-ae41-df3d4f0e76f5
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 55B8 52 KB
17 KB 8ms
7ms Document
text/html 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Thu, 10 Mar 2022 01:46:15 GMT
Date: Wed, 09 Mar 2022 01:46:13 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 807B 281 B
554 B 7ms
6ms Document
text/html 104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 09 Mar 2022 01:46:13 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A19D 52 KB
17 KB 12ms
7ms Document
text/html 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_oglobo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Thu, 10 Mar 2022 01:46:15 GMT
Date: Wed, 09 Mar 2022 01:46:13 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 807B 32 KB
10 KB 7ms
7ms Script
text/html 104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a8377a9082c8d825d0b0201d27c3c2c87638da830ac18482477240dfecff6baf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=35963
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9536
Expires: Wed, 09 Mar 2022 11:45:36 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 55B8 0
743 B 15ms
15ms Script
text/html 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:13 GMT
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e39cdbfc-601b-44e3-b91d-6822dee94b4e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A19D 0
743 B 13ms
12ms Script
text/html 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:13 GMT
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d2bf3745-1524-4bc8-8596-afd0b51ad033
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 2D3A
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=E3F97AD7-C6C6-4E24-BDCE-734065B318BB
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E3F97AD7-C6C6-4E24-BDCE-734065B318BB

35 B
468 B

18ms
18ms

Document
image/gif

37.157.4.41
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E3F97AD7-C6C6-4E24-BDCE-734065B318BB

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 09 Mar 2022 01:46:13 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Wed, 09 Mar 2022 01:46:13 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E3F97AD7-C6C6-4E24-BDCE-734065B318BB
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1A9B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YigG5QALpzc_mABB&gdpr=0&gdpr_consent=&_test=YigG5QALpzc_mABB

1 B
235 B

18ms
18ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YigG5QALpzc_mABB&gdpr=0&gdpr_consent=&_test=YigG5QALpzc_mABB
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 09 Mar 2022 01:46:13 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: lhrpug030:0:613
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YigG5QALpzc_mABB&gdpr=0&gdpr_consent=&_test=YigG5QALpzc_mABB
accept-ranges: bytes
date: Wed, 09 Mar 2022 01:46:13 GMT
via: 1.1 varnish
x-served-by: cache-hhn4073-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1646790374.629243,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame DBB7
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:426a6228-06e5-4e00-abb9-b739f14239e3&gdpr=0&gdpr_consent=

42 B
651 B

54ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:426a6228-06e5-4e00-abb9-b739f14239e3&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Wed, 09 Mar 2022 01:46:13 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug007:0:355
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Date: Wed, 09 Mar 2022 01:46:13 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4245 b916d47 master zrh-pixel-x26 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:426a6228-06e5-4e00-abb9-b739f14239e3&gdpr=0&gdpr_consent=
Expires: Wed, 09 Mar 2022 01:46:12 GMT

GET
H/1.1

200
OK

redir Show response
rtb-csync.smartadserver.com/ Frame 7B73
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHbktrN0VVQTRBQUJYVmp2NzBhUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGnKk7EUA4AABXVjv70aQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAGnKk7EUA4AABXVjv70aQ&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGnKk7EUA4AABXVjv70aQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...

43 B
163 B

68ms
16ms

Document
image/gif

185.86.139.89
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGnKk7EUA4AABXVjv70aQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

content-type: image/gif
date: Wed, 09 Mar 2022 01:46:13 GMT
transfer-encoding: chunked

Redirect headers

Date: Wed, 09 Mar 2022 01:46:14 GMT
location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGnKk7EUA4AABXVjv70aQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 850B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4_l618bGTiS9znNAZbMYuw%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

18ms
17ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:13 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=36444
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Wed, 09 Mar 2022 11:53:37 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 420486.gif
idsync.rlcdn.com/ Frame 850B 0
44 B 18ms
14ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/420486.gif?partner_uid=E3F97AD7-C6C6-4E24-BDCE-734065B318BB
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:13 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 850B
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f4ae6228-06e5-4500-9a5c-ce614dc0e7f3

0
260 B

25ms
18ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f4ae6228-06e5-4500-9a5c-ce614dc0e7f3
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:12 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 09 Mar 2022 01:46:13 GMT
Server: MT3 4245 b916d47 master zrh-pixel-x29 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=f4ae6228-06e5-4500-9a5c-ce614dc0e7f3
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 09 Mar 2022 01:46:12 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 850B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTNGOTdBRDctQzZDNi00RTI0LUJEQ0UtNzM0MDY1QjMxOEJC&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
342 B

41ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 19:57:53 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0027:0:359
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 850B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMpKFXGTJxbpFKXt4ejFI1k&google_cver=1

42 B
440 B

42ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMpKFXGTJxbpFKXt4ejFI1k&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:13 GMT
cache-control: no-store, no-cache, private
x-lat: amspug013:0:443
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMpKFXGTJxbpFKXt4ejFI1k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 850B 43 B
409 B 21ms
18ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 08 Mar 2022 01:46:13 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 850B
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7801910728013205088&gdpr=0&gdpr_consent=&us_privacy=

1 B
186 B

51ms
19ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7801910728013205088&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:13 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug010:0:465
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7801910728013205088&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Wed, 09 Mar 2022 01:46:13 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 850B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1075e8bb-e025-4071-ab8f-7861ea456a1d

42 B
292 B

30ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1075e8bb-e025-4071-ab8f-7861ea456a1d
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:13 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug011:0:398
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 09 Mar 2022 01:46:13 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1075e8bb-e025-4071-ab8f-7861ea456a1d
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2 200 E3F97AD7-C6C6-4E24-BDCE-734065B318BB
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 850B 43 B
991 B 33ms
31ms Image
image/gif 2a05:d018:d29:3605:a6cd:bbc5:ba08:db41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/E3F97AD7-C6C6-4E24-BDCE-734065B318BB?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:a6cd:bbc5:ba08:db41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 01:46:13 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET

SPug
image4.pubmatic.com/AdServer/ Frame 850B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E3F97AD7-C6C6-4E24-BDCE-734065B318BB&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-tzQCnGJE2uUGEpw2HVb.z_1yZ7OeIKQ-~A&gdpr=0&gdpr_consent=

0
0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 869F 52 KB
17 KB 8ms
7ms Document
text/html 2.21.141.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-148.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Thu, 10 Mar 2022 01:46:15 GMT
Date: Wed, 09 Mar 2022 01:46:13 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 8052 281 B
554 B 7ms
7ms Document
text/html 104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 09 Mar 2022 01:46:13 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5969 15 KB
6 KB 18ms
17ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/prebidpubs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://blogs.oglobo.globo.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=36444
expires: Wed, 09 Mar 2022 11:53:37 GMT
date: Wed, 09 Mar 2022 01:46:13 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8052 32 KB
10 KB 8ms
8ms Script
text/html 104.89.20.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-20-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a8377a9082c8d825d0b0201d27c3c2c87638da830ac18482477240dfecff6baf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:46:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=35963
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9536
Expires: Wed, 09 Mar 2022 11:45:36 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 869F 0
743 B 14ms
13ms Script
text/html 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:13 GMT
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d26610dd-7c16-4198-b316-83b48a718fb3
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D1ED 0
743 B 13ms
12ms Script
text/html 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:14 GMT
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 06497f17-1c55-47a2-8597-ba36e5504634
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 55B8 0
743 B 13ms
12ms Script
text/html 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:14 GMT
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: dd5093c7-dae0-441c-b8c4-372b6e1c54d1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A19D 0
743 B 13ms
13ms Script
text/html 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Mar 2022 01:46:14 GMT
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8afed444-2144-4245-8b57-48b9de105a1c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 869F 0
743 B 13ms
12ms Script
text/html 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS