urlscan.io logo urlscan.io
SecurityTrails logo

gq.globo.com Open in urlscan Pro
201.7.177.252  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://gq.globo.com/
Effective URL: https://gq.globo.com/
Submission: On January 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 100 IPs in 9 countries across 65 domains to perform 481 HTTP transactions. The main IP is 201.7.177.252, located in Brazil and belongs to Globo Comunicacao e Participacoes SA, BR. The main domain is gq.globo.com.
TLS certificate: Issued by R3 on December 27th 2023. Valid for: 3 months.
This is the only time gq.globo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 201.7.177.252 28604 (Globo Com...)
12 2a00:1450:400... 15169 (GOOGLE)
40 186.192.83.2 28604 (Globo Com...)
7 2a00:1450:400... 15169 (GOOGLE)
4 34.151.224.123 396982 (GOOGLE-CL...)
2 2a04:4e42:200... 54113 (FASTLY)
27 2a00:1450:400... 15169 (GOOGLE)
5 186.192.91.5 28604 (Globo Com...)
36 186.192.91.9 28604 (Globo Com...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
1 2 23.56.202.187 16625 (AKAMAI-AS)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 34.110.201.227 396982 (GOOGLE-CL...)
1 3 18.239.83.91 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:212... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
3 2a02:2638:3::3 44788 (ASN-CRITE...)
1 65.9.66.104 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
9 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 26 2a00:1450:400... 15169 (GOOGLE)
2 35.211.79.33 19527 (GOOGLE-2)
6 2a00:1450:400... 15169 (GOOGLE)
3 141.95.98.64 16276 (OVH)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 54.171.10.251 16509 (AMAZON-02)
1 6 2a02:2638:3::c 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
21 151.101.65.44 54113 (FASTLY)
1 35.190.39.111 15169 (GOOGLE)
4 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a02:2638:3::7 44788 (ASN-CRITE...)
6 2602:803:c003... 26667 (RUBICONPR...)
6 164.132.25.176 16276 (OVH)
6 34.149.50.64 15169 (GOOGLE)
1 7 37.252.171.21 29990 (ASN-APPNEX)
1 18.239.18.88 16509 (AMAZON-02)
1 44.238.176.231 16509 (AMAZON-02)
3 35.244.159.8 15169 (GOOGLE)
14 2606:4700::68... 13335 (CLOUDFLAR...)
1 143.204.215.39 16509 (AMAZON-02)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.201.123.184 396982 (GOOGLE-CL...)
1 2a03:2880:f17... 32934 (FACEBOOK)
2 11 2a00:1450:400... 15169 (GOOGLE)
2 35.198.44.170 396982 (GOOGLE-CL...)
30 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.95.229.88 396982 (GOOGLE-CL...)
3 167.235.124.59 24940 (HETZNER-AS)
5 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 34.240.241.48 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.241.9.51 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
8 34.107.254.252 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2602:803:c003... 26667 (RUBICONPR...)
10 95.100.82.37 16625 (AKAMAI-AS)
5 69.173.144.165 26667 (RUBICONPR...)
4 142.250.185.130 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 141.226.228.48 200478 (TABOOLA-AS)
12 18.158.175.190 16509 (AMAZON-02)
3 35.71.131.137 16509 (AMAZON-02)
3 2a05:d018:d29... 16509 (AMAZON-02)
3 3.75.62.37 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 173.0.146.5 7979 (SERVERS-COM)
1 96.46.186.186 7979 (SERVERS-COM)
1 186.192.81.117 28604 (Globo Com...)
1 23.32.184.192 16625 (AKAMAI-AS)
1 1 46.228.174.117 56396 (AMOBEE)
6 96.46.186.182 7979 (SERVERS-COM)
1 216.52.2.16 32475 (SINGLEHOP...)
1 1 145.40.97.66 54825 (PACKET)
1 2 2607:ae80:192... 26558 (FREEWHEEL)
1 1 44.213.182.94 14618 (AMAZON-AES)
1 1 23.108.102.2 59253 (LEASEWEB-...)
1 51.89.9.252 16276 (OVH)
1 98.98.134.243 21859 (ZEN-ECN)
1 3.126.67.76 16509 (AMAZON-02)
1 185.64.190.78 62713 (AS-PUBMATIC)
2 46.228.174.115 56396 (AMOBEE)
1 35.186.253.211 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 162.19.138.117 16276 (OVH)
1 23.35.236.188 16625 (AKAMAI-AS)
481 100
3    201.7.177.252 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
gq.globo.com
12    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
40    186.192.83.2 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-83-2.prt.globo.com
s3.glbimg.com
7    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    34.151.224.123 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 123.224.151.34.bc.googleusercontent.com
static.infoglobo.com.br
2    2a04:4e42:200::282 (United States)

ASN54113 (FASTLY, US)
cdn.polyfill.io
27    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
5    186.192.91.5 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-5.prt.globo.com
barra.globo.com
s.glbimg.com
p.glbimg.com
36    186.192.91.9 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-9.prt.globo.com
s2-gq.glbimg.com
s2.glbimg.com
3    2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
10    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
secure-assets.rubiconproject.com
10    2606:4700::6812:dff8 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
1    2606:4700:3037::ac43:9bd7 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
1    34.110.201.227 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 227.201.110.34.bc.googleusercontent.com
id.globo.com
3    18.239.83.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-91.ams58.r.cloudfront.net
sb.scorecardresearch.com
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2600:9000:2127:d600:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
2    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
3    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
9    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
9    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
26    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    35.211.79.33 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 33.79.211.35.bc.googleusercontent.com
horizon.globo.com
horizon-track.globo.com
6    2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
1    54.171.10.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-10-251.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
6    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
1    2a00:1450:4001:80f::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gadasource.storage.googleapis.com
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
21    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
pm-widget.taboola.com
trc.taboola.com
vidstat.taboola.com
imprammp.taboola.com
vidstatb.taboola.com
wf.taboola.com
1    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
4    2a02:26f0:480:ba2::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.cxense.com
1    2606:4700::6811:c376 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
6    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
6    2602:803:c003:200::45 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
6    164.132.25.176 (France)

ASN16276 (OVH, FR)
PTR: ip176.ip-164-132-25.eu
prg.smartadserver.com
6    34.149.50.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
7    37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    18.239.18.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-88.ams58.r.cloudfront.net
go.trvdp.com
1    44.238.176.231 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-176-231.us-west-2.compute.amazonaws.com
ivccf.ivcbrasil.org.br
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
u.openx.net
aniview-d.openx.net
14    2606:4700::6812:907e (United States)

ASN13335 (CLOUDFLARENET, US)
buy.tinypass.com
1    143.204.215.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-39.fra53.r.cloudfront.net
stg.truvidplayer.com
6    2606:4700::6810:cf3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
1    35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com
tags.t.tailtarget.com
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
11    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
2    35.198.44.170 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 170.44.198.35.bc.googleusercontent.com
usergate.globo.com
30    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    34.95.229.88 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 88.229.95.34.bc.googleusercontent.com
globo-ab.globo.com
3    167.235.124.59 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nue0037.cxense.com
p1cluster.cxense.com
comcluster.cxense.com
id.cxense.com
5    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:4400::6812:29aa (United States)

ASN13335 (CLOUDFLARENET, US)
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    34.240.241.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-241-48.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
1    35.241.9.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.9.241.35.bc.googleusercontent.com
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
8    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
1    2606:4700::6811:7611 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
2    2602:803:c003:200::77 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
10    95.100.82.37 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-82-37.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
www.googleadservices.com
2    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
4    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
9    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
12    18.158.175.190 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-175-190.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
3    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    2a05:d018:d29:3601:4a2f:8181:9d4c:7740 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2a02:26f0:3500:595::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
vast.aniview.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
4    2a02:26f0:3500:11::215:14d7 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
1    173.0.146.5 (United States)

ASN7979 (SERVERS-COM, US)
gov.aniview.com
1    96.46.186.186 (United States)

ASN7979 (SERVERS-COM, US)
track1.aniview.com
1    186.192.81.117 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-81-117.prt.globo.com
horizon-schemas.globo.com
1    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
6    96.46.186.182 (United States)

ASN7979 (SERVERS-COM, US)
sync.aniview.com
1    216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    2607:ae80:192:1::173 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
1    44.213.182.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-213-182-94.compute-1.amazonaws.com
ssp.disqus.com
1    23.108.102.2 (Jurong Town, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
inv-nets.admixer.net
1    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    3.126.67.76 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-67-76.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)
targeting.unrulymedia.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
Apex Domain
Subdomains		 Transfer
80 glbimg.com
s3.glbimg.com — Cisco Umbrella Rank: 82076
s2-gq.glbimg.com
s2.glbimg.com — Cisco Umbrella Rank: 100762
s.glbimg.com — Cisco Umbrella Rank: 117151
p.glbimg.com — Cisco Umbrella Rank: 154811
4 MB
40 googlesyndication.com
28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
536 KB
37 rubiconproject.com
ads.rubiconproject.com — Cisco Umbrella Rank: 2896
fastlane.rubiconproject.com — Cisco Umbrella Rank: 791
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 8452
eus.rubiconproject.com — Cisco Umbrella Rank: 951
token.rubiconproject.com — Cisco Umbrella Rank: 744
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 4039
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1520
236 KB
34 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
344 KB
30 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 395
283 KB
30 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1255
pm-widget.taboola.com — Cisco Umbrella Rank: 3998
trc.taboola.com — Cisco Umbrella Rank: 960
vidstat.taboola.com — Cisco Umbrella Rank: 3607
am-trc-events.taboola.com — Cisco Umbrella Rank: 11740
imprammp.taboola.com — Cisco Umbrella Rank: 11126
am-match.taboola.com — Cisco Umbrella Rank: 12141
am-vid-events.taboola.com — Cisco Umbrella Rank: 11014
vidstatb.taboola.com — Cisco Umbrella Rank: 9462
wf.taboola.com — Cisco Umbrella Rank: 3713
618 KB
24 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 11211
cdn.tinypass.com — Cisco Umbrella Rank: 8727
buy.tinypass.com — Cisco Umbrella Rank: 9223
532 KB
20 gstatic.com
fonts.gstatic.com
www.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
465 KB
13 aniview.com
vast.aniview.com — Cisco Umbrella Rank: 9422
player.aniview.com — Cisco Umbrella Rank: 2663
gov.aniview.com — Cisco Umbrella Rank: 7181
track1.aniview.com — Cisco Umbrella Rank: 2944
sync.aniview.com — Cisco Umbrella Rank: 2343
271 KB
12 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 597
mug.criteo.com — Cisco Umbrella Rank: 1867
bidder.criteo.com — Cisco Umbrella Rank: 878
9 KB
12 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
702 KB
11 globo.com
gq.globo.com
barra.globo.com — Cisco Umbrella Rank: 361962
id.globo.com — Cisco Umbrella Rank: 151214
horizon.globo.com — Cisco Umbrella Rank: 94534
usergate.globo.com — Cisco Umbrella Rank: 131138
globo-ab.globo.com — Cisco Umbrella Rank: 105136
horizon-schemas.globo.com — Cisco Umbrella Rank: 87124
horizon-track.globo.com — Cisco Umbrella Rank: 63432
109 KB
9 permutive.com
api.permutive.com — Cisco Umbrella Rank: 2986
cdn.permutive.com — Cisco Umbrella Rank: 3770
245 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
349 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
gadasource.storage.googleapis.com — Cisco Umbrella Rank: 158187
imasdk.googleapis.com — Cisco Umbrella Rank: 639
157 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 356
secure.adnxs.com — Cisco Umbrella Rank: 793
acdn.adnxs.com — Cisco Umbrella Rank: 957
22 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
region1.google-analytics.com — Cisco Umbrella Rank: 1695
21 KB
7 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 6215
p1cluster.cxense.com — Cisco Umbrella Rank: 15673
comcluster.cxense.com — Cisco Umbrella Rank: 5742
id.cxense.com — Cisco Umbrella Rank: 13926
82 KB
6 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
1 KB
6 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 45211
usr.navdmp.com — Cisco Umbrella Rank: 50426
cdn.navdmp.com — Cisco Umbrella Rank: 33736
11 KB
6 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 2270
19 KB
6 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 2047
2 KB
6 openx.net
oajs.openx.net — Cisco Umbrella Rank: 2214
google-bidout-d.openx.net — Cisco Umbrella Rank: 2217
u.openx.net — Cisco Umbrella Rank: 1108
rtb.openx.net — Cisco Umbrella Rank: 1007
aniview-d.openx.net — Cisco Umbrella Rank: 30012
1 KB
6 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 407
184 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 173
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1218
id5-sync.com — Cisco Umbrella Rank: 658
35 KB
4 infoglobo.com.br
static.infoglobo.com.br — Cisco Umbrella Rank: 347842
82 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 594
445 B
3 google.com
ampcid.google.com — Cisco Umbrella Rank: 3299
www.google.com — Cisco Umbrella Rank: 6
437 B
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 894
75 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 274
940 B
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4237
onesignal.com — Cisco Umbrella Rank: 1212
74 KB
2 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 1418
202 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 958
1 KB
2 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 811
image6.pubmatic.com — Cisco Umbrella Rank: 1215
6 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 240
91 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1411
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431
12 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 438
3 KB
2 polyfill.io
cdn.polyfill.io — Cisco Umbrella Rank: 4433
809 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1338
272 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1474
349 B
1 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2163
349 B
1 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1632
358 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 1321
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1105
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2711
297 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2608
323 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1119
291 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 998
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 857
243 B
1 prmutv.co
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co — Cisco Umbrella Rank: 252186
383 B
1 google.de
ampcid.google.de — Cisco Umbrella Rank: 56388
366 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 1173
337 B
1 permutive.app
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app — Cisco Umbrella Rank: 152285
295 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 tailtarget.com
tags.t.tailtarget.com — Cisco Umbrella Rank: 87331
11 KB
1 truvidplayer.com
stg.truvidplayer.com — Cisco Umbrella Rank: 28146
348 B
1 ivcbrasil.org.br
ivccf.ivcbrasil.org.br — Cisco Umbrella Rank: 189579
461 B
1 trvdp.com
go.trvdp.com — Cisco Umbrella Rank: 35420
2 KB
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 7648
4 KB
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4842
474 B
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 3020
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2532
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 3276
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 10326
3 KB
481 65
Domain Requested by
40 s3.glbimg.com gq.globo.com
s3.glbimg.com
s.glbimg.com
barra.globo.com
28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
www.googletagmanager.com
p.glbimg.com
buy.tinypass.com
30 cdnjs.cloudflare.com buy.tinypass.com
29 s2-gq.glbimg.com gq.globo.com
27 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
gq.globo.com
s3.glbimg.com
26 tpc.googlesyndication.com 2 redirects 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
googleads.g.doubleclick.net
22 buy.tinypass.com cdn.tinypass.com
buy.tinypass.com
12 prebid-a.rubiconproject.com ads.rubiconproject.com
12 www.googletagservices.com gq.globo.com
28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
10 eus.rubiconproject.com 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
eus.rubiconproject.com
imprammp.taboola.com
gq.globo.com
ads.rubiconproject.com
10 fonts.gstatic.com fonts.googleapis.com
9 www.googletagmanager.com s3.glbimg.com
www.googletagmanager.com
9 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com securepubads.g.doubleclick.net
8 api.permutive.com d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
8 cdn.taboola.com gq.globo.com
cdn.taboola.com
client
7 s2.glbimg.com gq.globo.com
7 fonts.googleapis.com gq.globo.com
buy.tinypass.com
googleads.g.doubleclick.net
6 sync.aniview.com gq.globo.com
6 googleads.g.doubleclick.net 2 redirects gq.globo.com
6 s.seedtag.com ads.rubiconproject.com
6 prg.smartadserver.com ads.rubiconproject.com
6 fastlane.rubiconproject.com ads.rubiconproject.com
6 bidder.criteo.com ads.rubiconproject.com
6 s0.2mdn.net gq.globo.com
s0.2mdn.net
28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
5 am-trc-events.taboola.com cdn.taboola.com
gq.globo.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 token.rubiconproject.com eus.rubiconproject.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
gq.globo.com
5 pagead2.googlesyndication.com www.googletagservices.com
gq.globo.com
googleads.g.doubleclick.net
5 ib.adnxs.com ads.rubiconproject.com
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
acdn.adnxs.com
5 gum.criteo.com 1 redirects static.criteo.net
cdn.taboola.com
ads.rubiconproject.com
4 player.aniview.com vidstat.taboola.com
gq.globo.com
4 encrypted-tbn0.gstatic.com googleads.g.doubleclick.net
4 www.googleadservices.com googleads.g.doubleclick.net
gq.globo.com
4 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
4 static.infoglobo.com.br gq.globo.com
static.infoglobo.com.br
3 ups.analytics.yahoo.com am-match.taboola.com
gq.globo.com
3 pr-bh.ybp.yahoo.com imprammp.taboola.com
am-match.taboola.com
3 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
3 id5-sync.com cdn.id5-sync.com
player.aniview.com
3 static.criteo.net securepubads.g.doubleclick.net
ads.rubiconproject.com
static.criteo.net
3 sb.scorecardresearch.com 1 redirects gq.globo.com
3 s.glbimg.com gq.globo.com
s.glbimg.com
3 gq.globo.com 1 redirects s3.glbimg.com
2 targeting.unrulymedia.com player.aniview.com
2 ads.stickyadstv.com 1 redirects gq.globo.com
2 wf.taboola.com vidstat.taboola.com
2 am-vid-events.taboola.com gq.globo.com
vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 secure.adnxs.com 1 redirects gq.globo.com
2 encrypted-tbn1.gstatic.com googleads.g.doubleclick.net
2 encrypted-tbn3.gstatic.com googleads.g.doubleclick.net
2 www.gstatic.com googleads.g.doubleclick.net
2 www.google.com googleads.g.doubleclick.net
2 beacon-ams3.rubiconproject.com gq.globo.com
2 trc.taboola.com cdn.taboola.com
2 cdn.navdmp.com tag.navdmp.com
2 region1.google-analytics.com www.googletagmanager.com
2 usr.navdmp.com tag.navdmp.com
2 usergate.globo.com s3.glbimg.com
gq.globo.com
2 tag.navdmp.com s3.glbimg.com
tag.navdmp.com
2 pm-widget.taboola.com cdn.taboola.com
pm-widget.taboola.com
2 connect.facebook.net gq.globo.com
connect.facebook.net
2 oajs.openx.net 1 redirects gq.globo.com
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
ads.rubiconproject.com
2 cdn.onesignal.com gq.globo.com
cdn.onesignal.com
2 cdn.polyfill.io gq.globo.com
1 acdn.adnxs.com ads.rubiconproject.com
1 lb.eu-1-id5-sync.com player.aniview.com
1 aniview-d.openx.net gq.globo.com
1 api.rlcdn.com player.aniview.com
1 id.hadron.ad.gt player.aniview.com
1 horizon-track.globo.com s3.glbimg.com
1 rtb.openx.net player.aniview.com
1 image6.pubmatic.com ads.pubmatic.com
1 grid.bidswitch.net player.aniview.com
1 pixel-sync.sitescout.com gq.globo.com
1 onetag-sys.com gq.globo.com
1 u.openx.net gq.globo.com
1 inv-nets.admixer.net 1 redirects
1 ssp.disqus.com 1 redirects
1 prebid.a-mo.net 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 ap.lijit.com gq.globo.com
1 sync.1rx.io 1 redirects
1 ads.pubmatic.com gq.globo.com
1 horizon-schemas.globo.com s3.glbimg.com
1 track1.aniview.com gq.globo.com
1 gov.aniview.com player.aniview.com
1 imasdk.googleapis.com s3.glbimg.com
1 vast.aniview.com vidstat.taboola.com
1 vidstatb.taboola.com gq.globo.com
1 imprammp.taboola.com vidstat.taboola.com
1 cdn.permutive.com d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
1 stats.g.doubleclick.net www.google-analytics.com
1 d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
1 ampcid.google.de www.google-analytics.com
1 id.cxense.com cdn.cxense.com
1 beacon.krxd.net tag.navdmp.com
1 comcluster.cxense.com cdn.cxense.com
1 ampcid.google.com www.google-analytics.com
1 d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app s3.glbimg.com
1 p1cluster.cxense.com cdn.cxense.com
1 globo-ab.globo.com p.glbimg.com
1 www.facebook.com gq.globo.com
1 tags.t.tailtarget.com s3.glbimg.com
1 stg.truvidplayer.com go.trvdp.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 ivccf.ivcbrasil.org.br gq.globo.com
1 go.trvdp.com securepubads.g.doubleclick.net
1 c2.piano.io cdn.tinypass.com
1 esp.rtbhouse.com invstatic101.creativecdn.com
1 mug.criteo.com gq.globo.com
1 gadasource.storage.googleapis.com gq.globo.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn.tinypass.com experience.tinypass.com
1 horizon.globo.com gq.globo.com
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 id.globo.com 1 redirects
1 p.glbimg.com s3.glbimg.com
1 www.npttech.com static.infoglobo.com.br
1 experience.tinypass.com static.infoglobo.com.br
1 ads.rubiconproject.com s3.glbimg.com
1 onesignal.com cdn.onesignal.com
1 barra.globo.com gq.globo.com
481 128
Subject Issuer Validity Valid
gq.globo.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
s3.glbimg.com
RapidSSL TLS RSA CA G1		 2023-05-02 -
2024-05-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
static.infoglobo.com.br
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-01-30 -
2024-01-29		 a year crt.sh
polyfill.io
Certainly Intermediate R1		 2023-12-22 -
2024-01-21		 a month crt.sh
barra.globo.com
RapidSSL TLS RSA CA G1		 2023-05-15 -
2024-05-15		 a year crt.sh
*.glbimg.com
RapidSSL TLS RSA CA G1		 2023-05-11 -
2024-05-10		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
npttech.com
GTS CA 1P5		 2023-12-28 -
2024-03-27		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-12-23 -
2024-03-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
horizon.globo.com
RapidSSL TLS RSA CA G1		 2023-09-25 -
2024-09-25		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-12 -
2024-01-10		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-11-08 -
2024-02-06		 3 months crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-13		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-29 -
2024-04-15		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.trvdp.com
Amazon RSA 2048 M01		 2023-07-26 -
2024-08-23		 a year crt.sh
*.ivcbrasil.org.br
Amazon RSA 2048 M02		 2023-05-01 -
2024-05-29		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.truvidplayer.com
Amazon RSA 2048 M02		 2023-01-22 -
2024-02-20		 a year crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-08-09		 a year crt.sh
usergate.globo.com
RapidSSL TLS RSA CA G1		 2023-04-24 -
2024-04-23		 a year crt.sh
globo-ab.globo.com
R3		 2023-12-07 -
2024-03-06		 3 months crt.sh
permutive.app
Cloudflare Inc ECC CA-3		 2023-11-06 -
2024-02-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.prmutv.co
R3		 2023-11-29 -
2024-02-27		 3 months crt.sh
api.permutive.com
R3		 2023-12-15 -
2024-03-14		 3 months crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-12-26 -
2024-12-25		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-12-26 -
2024-06-19		 6 months crt.sh
*.aniview.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-11 -
2024-09-11		 a year crt.sh
horizon-schemas.globo.com
RapidSSL TLS RSA CA G1		 2023-03-15 -
2024-03-15		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
horizon-track.globo.com
RapidSSL TLS RSA CA G1		 2023-09-26 -
2024-09-26		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh

This page contains 53 frames:

Primary Page: https://gq.globo.com/
Frame ID: 1D1CA12EA4264D146B2B9C4F2C277CEC
Requests: 241 HTTP requests in this frame

Frame: https://gq.globo.com/login-callback.ghtml
Frame ID: B21D1E7A7B15A37EB8D6028EF5519C8D
Requests: 2 HTTP requests in this frame

Frame: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 88283DF9D527F5E5B5E6E34AF3200966
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-WP5C9ZV
Frame ID: 111C954C2C1A0035BA1DD5651E6C4930
Requests: 1 HTTP requests in this frame

Frame: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EFC7651727126C3AC7EDB499A8A002BC
Requests: 9 HTTP requests in this frame

Frame: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6101AF526CC4FEE57E4EF55240B0C639
Requests: 9 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-NXVN776&ancestors=GTM-WP5C9ZV&restrictions=&gtm.url=https%3A%2F%2Fgq.globo.com%2F
Frame ID: AFD9ADEAD5DE6B70333FBCD57B023FEB
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-WSJ4QJD&ancestors=GTM-WP5C9ZV&restrictions=&gtm.url=https%3A%2F%2Fgq.globo.com%2F
Frame ID: 757C377E1DDAEE1EB661D65A9A895330
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-M3GJS46&ancestors=GTM-WP5C9ZV&restrictions=&gtm.url=https%3A%2F%2Fgq.globo.com%2F
Frame ID: 9B6E6C08FBE663163C2EBC07FDD190B6
Requests: 1 HTTP requests in this frame

Frame: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D498ADAEF37838E58CFD46C27200FC71
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/539105/4514281875/1689278571217/Bill/index.html
Frame ID: A9185CB9537FD096D936FC9D63081553
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=gq.globo.com
Frame ID: 4683A7792FC6D80D75D38AC8360BA524
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssS0F871npwivYtCo4OYNKQSltR1c_0QLuKROeYGYwecKfaytz58kVve0fHmARqVXppfavavZHVW3x3OAdSdZ4aVyqOZeQMTtbfEiijV_npLlWt9-hlEZzhGk76LrYGe-jNKXNo6gQEkVuiYYz_2mT7ucDSUBMekhxoQRtz8I_osJ625wUBKwQtFW7rHJydf4Rq6uYn7MKPFZtxHuA0PStMREA3-Q8mfgDp9DRDr2n_iwjHon3fVDh1YNshECukXihoHyUKdpqhpHLDvfOOkeRM4HHf0AqGxc7hpEM1SVXQb54Dpwv9VJ2xnlZFNHw7AhCwlZQd5g0OJbaXsaWS_6Dq_FehghzixQ&sai=AMfl-YRm0IdP1HrSKIPfW2uF6-Tc6kDj23o4bz-fn7Ne_HmZ7y4zxn7u3I9uPbB4huGaQwKGy25tysmCq91VB32lRX8cZ5bOF0HS4r-BuonVEbSMMeCAy3wwbO4VKdEOSA&sig=Cg0ArKJSzCVsu1MQxq4LEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: CEB92E7816EA0B72E6C7B941AF52B482
Requests: 6 HTTP requests in this frame

Frame: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0F871286F64FC20E7B8F94810F2E3FB6
Requests: 9 HTTP requests in this frame

Frame: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9D4A5447F699E3C6EA05522969774DFA
Requests: 9 HTTP requests in this frame

Frame: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 44AFF599F6493DF0B946F96DBAA8683E
Requests: 9 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: C2D726EFED4B1B12EF64770520FEE3B2
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Frame ID: 10287F05D3C2B239FCB00356B0F88CDB
Requests: 22 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXBN3JU1X6S&templateVariantId=OTV7FL03Y07YO&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_313a6f42f33c817b2470-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Frame ID: 885834F107FE01CCC48E1B46D6A1FE56
Requests: 19 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTJZXZMR4IF7&templateVariantId=OTVTFVKC3LSEV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_7279e75e74064a854b2b-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Frame ID: C831D2C3C0C1514CECEC2B40E77FC8CD
Requests: 20 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 8D2BF696FE14E21CCBC263D9EA82DF9D
Requests: 4 HTTP requests in this frame

Frame: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2628955DC24BDBFCBA4AD4559AC73ADB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBxYM0AZKPNAELlDQBEZQ0AYGVNAF0ljQBdpY0Aa2WNAHrljQBzpc0AfyXNAH_lzQBA5g0AQmYNAEkmDQBlJg0AaWYNAG0mDQBuJg0AeOYNAHnmDQB9Jg0AfaYNAEOmTQBFpk0ARyZNAErmTQBSZk0AUqZNAFMmTQBTpk0AVGZNAFTmTQBYZk0AWiZNAF6mTQBg5k0AYaZNAFLc0EBU3NBAakgXAJX-4gCwP6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgIm-6oCQvuqAjwjqwKEJ6sCVCirAvorqwJUMKsC1DarAiU6qwIpOqsCLTqrApg7qwI9QasCG0arAjRIqwJsSqsCwk2rAmBOqwK4TqsC9FCrAgJRqwIKUasCk1WrAuxXqwIgXKsCGnGrAu9xqwKwcqsCfnOrAst0qwIXd6sCHHerAiF3qwIld6sCKnerArN4qwIIeasCUoCrAoaAqwKRgasCm4GrAsqCqwKGg6sCYoSrAiqGqwJzh6sC7YmrAp6KqwIDi6sCtYurAhSMqwK3jKsCl4-rAgOQqwIDkasCHJarAuaYqwLnm6sCqqOrAnykqwJQpasCcaWrAt6oqwKDq6sC26urAkOsqwJlrKsCgKyrAvasqwJCrqsCe66rAt-uqwI7r6sCFLGrAmKyqwIgs6sCeLOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwL4tasCA7arAje2qwLrtqsCZLerAoy3qwK0t6sCMbirAiG5qwL5uasCfbqrArG6qwIau6sC1burAjS8qwJJvKsCT7yrAhe9qwJ6vasCle0FAz9e9wSieK4FDnquBZV7rgWte64FB3yuBe18rgUTfa4FnLTFBTUDUwjwQtwJwtihDtO5-xIhxfsSWcr7EpjN-xJ75PsS4BL8Ej4V_BJrFfwSeRj8Et0a_BLsHfwS9R78Evoe_BJbn-oUYKLqFNTwWSg&awbid_c=AKAmf-A2I87P48SzhbkEICe3tDR2D1Rt84RALJtwl8WTXm1LJ7VeH2KX9QLX43fAIydQQCUpK34UnAWsnO5fMWTviZdCruFsd1zejxGeDHJmYqSwUQj0mmPbTBIxJb_YQfXapnGHdbbPEG-FrISYQoWT_Ny0pYQ7TOW4C9rKfuApoy2NOwLDB_qMOBczU2n8asKEhHI_Ws35iFmPgM0Gdim11KLesR9BTWmhzT2BIkSbwHZQGufD_s8SrxPi_gfkv95myiYu7bT1x32hlxb70Cu2x09MMaoJ_IVKIX8HaMC1tnF1ZIs7iUBA-qcPKg4bwLCfVM9l_Yp_2EUVVn44AHKAxW9cZV8E0J28V1ML2mDPJp-PtNG8eLoiEaqUgB_em4YTFrogDTBa5398VLXY3Vzs0TyO4_BKvLV6X2qhXzPV-NfME01hiChgNMt6U7bdnYt00cjuGqfinVwztal-kAxnH3VmTOkeHG3FFzXwp9Se20CxOiWV6oWlCHOblcxCwC71c4v5_5xnWbOtT9VRJYvCrtcozO-DlX-CYUclD00mUo9HdTUP1Pfd5OKsP-qG8EAaIp7pNePXW6EUSpJTrLxdQznN5QTeNA&awbid_d=AKAmf-DrUFKQGeKnNK09GkS57wfEUL9GU8O4XpnqzHiZVCHKFQ0DVVX15QKdoYgmnquGoQRswIGDkdWQJlvXnUFoVmhhzndIbyiIs_LbiNcJNIjzewZ-wEB2c0g3UBylmpanNh8QMNr0LwVeOR1iH9iIBQIGms5qfLXpXWUy5fUod8qz1029JZdMlcM6C0UUJ1uCnnBGXlheRqgwHDvwhkuy50MqbVs_jrkETkDEsCQMfHeABmP-1ZmW05P3h8PXNpJnlFigRiUnrqT6Yp9_2eJ1M76IyGO3uEKfFhpZ4_u5xoAtemEL_p9fq3dM3BZiH_zmueae8MXAHC6ybHv7QYueRgI9dvukhMUxSzcK24ZG7YMiQKLnDIkEWE2YJODZh_7HAwgfBXV1Q-nUsAm8kw6-XgCjQ1vQ-shXyPCc2UrlpVn-Az0c-BpULwvlQm_1GL0Vn4DE4uGZZYxh0JJmf23QOOxKhuQQn1odoreNC5W_kwnH--gxOOZX-mFERiF_Glkjno4V1xlpAJbJJeP7kWUATb7HS3p0Nm-bqDTKZQwiAKyHd3kyziWUpPDeHwBUb3atDIrHiMQJplmW6wgbdyDx0u06lp0fNGBTiV9-Jmg1jj5D2xYL9Uli_k0hQCP8DBCsRgVlUx-bfEXLHVW_lUnXqM5CUASMP3XtPK3hqOjNDM7yO9jdaMYKPtE5nWDhnvhej1ipKwb-WnggRRAV56JUHDPHKymzmWFe6mQGP1VB9dK3iqSorlQLukFHTBESSMZ3io1VqQnK7UEYqCo6fso9XGwCg0toffkqPkhgcHNZp6dnXhPXVYQcd4pRpg9aGhbbC7rtv7JoRL6m42cD3SqbxHd4Goh8Fj5fy3oxdkkhcQzJ2tVYns725SxvhW28YeGrXVhq17Ob2DWpyv9_G1yIsuBgpZbOU3xwQslomUBFuabSZJnT3d1KGplyl36Gfdz_1fEOpKQCsulYK6ytZ6ier2uryvJ9bmGQu0cYNZoFMFb-gszj0k2BfnWXNgRn7A679lek8MfTV7r3GNDH7o3fpcbxZMjuJjoan2mkQF0q9XKtiUpQJoMXFZgKlN6M3zfkCNPxkgc0UsUgOSk1HQraGyLyVo5bkztemPz-7bTZ1CtbEeMF8k2anm5XmNflf2EsmQU5YfEioSHJPwcg-oO1d2dUELya_g&cid=CAQSMgAvHhf_vXBHZueDjt__do0IiVI_FG6rsVHrwHJAOvLshrVo_GnL32sfcZ60MIFVvcz2GAE&exk=1450222521&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:9F7EB03574572A35
Frame ID: 18063EE002C52CD488C4475D5C9AA89E
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Frame ID: A88FE8A83F193FA7001C52EB97CDD9EB
Requests: 3 HTTP requests in this frame

Frame: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 77669070C438ABE5F9A2FD8B31DC88AB
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 33CE6602A4FD7BCBC7BE0D374F69EBD6
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBko80AQuUNAERlDQBgZU0AXSWNAF2ljQBrZY0AeuWNAHOlzQB_Jc0Af-XNAEDmDQBCZg0ASSYNAGUmDQBpZg0AbSYNAG4mDQB45g0AeeYNAH0mDQB9pg0AQ6ZNAEWmTQBHJk0ASuZNAFJmTQBSpk0AUyZNAFOmTQBUZk0AVOZNAFhmTQBaJk0AXqZNAGDmTQBhpk0AUtzQQFTc0EBWjzaAakgXALf_ogC4_6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgJC-6oCPCOrAoQnqwJUKKsC-iurAlQwqwLUNqsCJTqrAik6qwItOqsCmDurAj1BqwIbRqsCNEirAmxKqwJgTqsCuE6rAvRQqwICUasCClGrApNVqwLsV6sCIFyrAhpxqwLvcasCsHKrAn5zqwLLdKsCF3erAhx3qwIhd6sCJXerAip3qwIIeasCUoCrAoaAqwKbgasCyoKrAoaDqwJihKsCKoarAnKHqwLtiasCnoqrAgOLqwK1i6sCFIyrAreMqwKYj6sCA5CrAgORqwIclqsC5pirAqmaqwLom6sCYZ-rAqqjqwJ8pKsCUKWrAnGlqwLeqKsCg6urAturqwJDrKsCZayrAvasqwJCrqsCe66rAjuvqwIUsasCYrKrAiCzqwJ4s6sCsbOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwIDtqsCN7arAuu2qwJkt6sCorerArS3qwIxuKsCIbmrAvm5qwJ9uqsCsbqrAhq7qwLVu6sCNLyrAkm8qwJPvKsCF72rAnq9qwI0vqsCle0FAzNe9wRAXvcEoniuBaR5rgUOeq4FmXuuBa17rgUHfK4FnLTFBTUDUwjC2KEO07n7EiHF-xJZyvsSmM37Envk-xLgEvwSPhX8EmsV_BJ5GPwS3Rr8Euwd_BL6HvwSGx_8Eluf6hRgouoU1PBZKA&awbid_c=AKAmf-DkeRddG6bRZ1p0Y9pKdF5n8PMlUB5OOR4rTcbrXzbGciUsIuhlbRTSs19vzDYlyyKauhjd3_W3S5_0jR4nJvh0FC7kRSKjLsXhAYuucq8J8BfXaYc0PjqN4LfDQ3JFSJiq_Dkjk3MFDQ9cuvaHV39fASUdQQTo-grxFU2pKZD4FxKUn7JLS2jclBMj9kYDOe-D0d-0jsAdmnmQbRulPvuD_IbvDzTK_g_Qcmjq_2Ck5Lor4FEzpSo9b_YlH1TN-moR2tr6cfOz-Pf564WR5zC0FVtOnbgq1WTPqyU0bkNSCD1HKOFRY4VdJXkn8bvx7fUM4r-AJsuMM6SNn8_RyMnIrbtWxVCpfgbYJgNnUnRNa1UD9y74BdbMbOjsw9qDBh3wjATIBIOTA7K7nWpqmkmMDov1fdISYxhYTjb5ZOOnf6r3q6w4jdPYsATEh9wr5LkKVBEQTqc0GSDyG-UM6GoxQ2NgebHFz63kdqWc76dvhryBQOrI6wt_uSixDgYzZ7ITwcp5yV4kpdOmFnlFWaxmB1OSSlwWfsO6UE7nvHMsmUV8RCpx-cKAuab-s1dvMTTa08Gj6wnvZzghGbn2BWyALESVRw&awbid_d=AKAmf-CJBPhC7KCgLAM7PS8vgntU2a3f-iC8IvxZaFfJ-3G8eZ_y1sFAeKByJinwH1aSITsVnUxpXLdfU5e_9F92APA_Ztpo2JGQO3oTso5c6ftDffE9XiJFv4c8G7h9w-wrXWJLxzdklyZogZmhQuAmbBZNXw_oLiYZZFqMHoI6LXQY0t4t6MvFqerRmiFyhQkGLyM1PykCZvKcrUOFhZUk19GK0_qnrrXCOLb_zw1tbAq5WED9Vix-aZRXfblSsSjzEo2kMkhGBOJhJFrqVTpo7vQgpfEumpQDKgl7gjPdZe8jwmeg2iuLmA3dRYfVK2-jgqCJ-lioBCzhCRrDWY3_feU65bWZn61L3bnkqXKVq1EMIQwa5IsnWAEr5iR3dsHRG_JpNL0tMoauWKf4nl7fZVb8ShVaDHwaA1CoNbfbuiauY5lyf-C3epJ56_rfsbt3WbQg9bN_K_5FvISoBWMMUdyAL4ATTbRJ8Zewdn1RaOKIjxedWTaNV4PDLR2N9XuzQXU428TFor2Inra5C3kiIs8FtkN4jFQe8ryE-F9viWiAoO7Z6gWFAaFTCVvgwKw8zMUOquVGYLMkq7WVemxNJePiAv_XIHF6L6-YBIcotafTslzLM0e-A4jBVAA4M5EajXs0Mkfo1T2bwSZSX6QC5XHNhpB-rTjI35dCaT13rQjhyWxjltPXXsKqaoSyV_ecOSYn-ZODIsG7JnZcxhVbec5em39CoKwWGiVOJcpHiY7eRWUdCsxJ0bL4OuCaOCZTXBNs7WzWvYjfP6hHZO7MR8ogu036mkt0pc2LrWFHX3nP_R0m12TfPmA7iwp7qOPJtzUvH-6Q6q_wbNrme-LVxM7so06r7H0y4aTlvXQAd4l4Rz_Nn7njsGDu43KCsA0RQLkzgOHsmBxMRX2iloHzJkZ3gekmUmg3RAVyJ0ngb6IfRzCv1VBL_ozh2QV7AYcAAow3GTdUYG5QbVUvbeSsxqUkZyedmsm5GWYhP32e4UXs7u9J7FksE9UhZBpyIEhUH1eFA9ifSdphyLuEeyMHs26qc10TWR-z-x3GZlb31jWJNO0FFhlgQssYm9b6_yAklS1LkPzsf2QCcAyMq83fWgn_tMpAFC6D-hs51LVrPj2LIIXVO_QZTTK0ITDeHa2lSpvT1tpVwT7xo4ES7BjBiplYvrqk4w&cid=CAQSMgAvHhf_nE9bhQsAlALxtBwtTHKDzYu3FM5mkW31zcVMTi1r7qUrSVQs0AAwcxXMREeCGAE&exk=845569349&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:B1629E3FBCFC0899
Frame ID: 7C008273678B25034096EC07C4D2F50B
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Frame ID: 624D602962BF84F94A38753D232C11F0
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 8FAD8B1EE25AC6AEFFCC9DB611559689
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 83A886D68F1B8C1BEA1674A0B9208B3C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 64333C94D3B68995FD73BDE9C0A2DDFC
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8SOICLAZIE_WkddA_lhOQJupJ66B_LC8AAABgYED8AIksV8PFZGFZazaT5Vo0cQ7WCs_ItlZOlouVyTjaDDcjIyCR5Wq4mCwsa81mslyLJs7BWuEZ2dbKyXKxMhlHm-FmZAUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYVaDodPte9Xue468x-i9-u8bv9cgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcM-ZuOLrvFdfkZ9BaDyGU5iB6ui8vyDwAAAAAgAAAAAEgAFPCelgBQ8ak48f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwMkYwtsR7YytYgUnBZhBEAAAAASaM6piOTdIKKRZX___9-KwBXAAACGJ2NZS2y6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqIgrJU2QCMWeml9AAIA1v4AAAGzGDQDAGwE4QScAVkchdsPZYDcZzJazAwAAAHDn____Xw-IzTaOkXM2WK5sntFwNzMNR5uJa7kbuYbLycSy8R4Suw38zZ2_iD4ZwjL7fQch3-0yPHwug6joelvsDqfZcz8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBmYjMNFoaJW-KZLNyi4WCzFk4mzrXEsbEsPBbHcDjarUWvj-ljXFlsq8UWCQaQ7EXytEgnGpNxt5nZVpPlymOzODwO48YyWPgmvpHHZpltfBOxRHOySCeyy7422zhGztlgubJ5RsPdzDQcbSau5W7kGi4nE8vG35nYTIOFYeKWeCYLt2g42KyFk4lzLXFsLAuPxTEcjnZr0etj-hhXFttqsW_sBqPJbrbY7faN3WA02c0Wu92-w2R6pj5no-1vTnl8utVtu7jZnAaFy2Dx_iSmxbQ7O3h-v6NTp34pizqj3-_3-_1-v9_v9xu0noPZoPDNzlGbMntLS6vphUFsMChiieAinahMTtPf8vCZ_Ra_W-e4iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_qOGGM3musFcsdjNdbNVAgAAAAAAAACwBNNMNwEAAABwMpjdarlbrdOB7GbD0WC1XAASf5u6gEEAAAAAAAB2VZjyuNwXnC4Wa-yxhzI5TX_Lw2f2W_xunePKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAAAgvg-IBgAAAAAAgF9BjHazxf4BqBBrtVrdbqzVagUsmNVit5rA____f4IAAAAAAAA5qQ!&cmcv=&pix=undefined&cb=1704276177998&uv=148127567&tms=1704276177998&abt=adxsub-out_vA!adxsub-out_vB!ufm!ul148127-567_vA&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=295812a2-3329-4b90-a3d6-9291ed84383d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 95CCA86EAA75C6AE8FA0FB71B1284185
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8SOICLAZIE_WkddA_lhOQJupJ66B_LC8AAABgYED8AIksV8PFZGFZazaT5Vo0cQ7WCs_ItlZOlouVyTjaDDcjIyCR5Wq4mCwsa81mslyLJs7BWuEZ2dbKyXKxMhlHm-FmZAUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYVaDodPte9Xue468x-i9-u8bv9cgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcM-ZuOLrvFdfkZ9BaDyGU5iB6ui8vyDwAAAAAgAAAAAEgAFPCelgBQ8ak48f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwMkYwtsR7YytYgUnBZhBEAAAAASaM6piOTdIKKRZX___9-KwBXAAACGJ2NZS2y6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqIgrJU2QCMWeml9AAIA1v4AAAGzGDQDAGwE4QScAVkchdsPZYDcZzJazAwAAAHDn____Xw-IzTaOkXM2WK5sntFwNzMNR5uJa7kbuYbLycSy8R4Suw38zZ2_iD4ZwjL7fQch3-0yPHwug6joelvsDqfZcz8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBmYjMNFoaJW-KZLNyi4WCzFk4mzrXEsbEsPBbHcDjarUWvj-ljXFlsq8UWCQaQ7EXytEgnGpNxt5nZVpPlymOzODwO48YyWPgmvpHHZpltfBOxRHOySCeyy7422zhGztlgubJ5RsPdzDQcbSau5W7kGi4nE8vG35nYTIOFYeKWeCYLt2g42KyFk4lzLXFsLAuPxTEcjnZr0etj-hhXFttqsW_sBqPJbrbY7faN3WA02c0Wu92-w2R6pj5no-1vTnl8utVtu7jZnAaFy2Dx_iSmxbQ7O3h-v6NTp34pizqj3-_3-_1-v9_v9xu0noPZoPDNzlGbMntLS6vphUFsMChiieAinahMTtPf8vCZ_Ra_W-e4iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_qOGGM3musFcsdjNdbNVAgAAAAAAAACwBNNMNwEAAABwMpjdarlbrdOB7GbD0WC1XAASf5u6gEEAAAAAAAB2VZjyuNwXnC4Wa-yxhzI5TX_Lw2f2W_xunePKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAAAgvg-IBgAAAAAAgF9BjHazxf4BqBBrtVrdbqzVagUsmNVit5rA____f4IAAAAAAAA5qQ!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 397654F39FA35858CEE35D17BDAEB537
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: ABD6AFE7E3DFA8A988525813ECA6E0EE
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8SOICLAZIE_WkddA_lhOQJupJ66B_LC8AAABgYED8AIksV8PFZGFZazaT5Vo0cQ7WCs_ItlZOlouVyTjaDDcjIyCR5Wq4mCwsa81mslyLJs7BWuEZ2dbKyXKxMhlHm-FmZAUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYVaDodPte9Xue468x-i9-u8bv9cgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcM-ZuOLrvFdfkZ9BaDyGU5iB6ui8vyDwAAAAAgAAAAAEgAFPCelgBQ8ak48f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwMkYwtsR7YytYgUnBZhBEAAAAASaM6piOTdIKKRZX___9-KwBXAAACGJ2NZS2y6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqIgrJU2QCMWeml9AAIA1v4AAAGzGDQDAGwE4QScAVkchdsPZYDcZzJazAwAAAHDn____Xw-IzTaOkXM2WK5sntFwNzMNR5uJa7kbuYbLycSy8R4Suw38zZ2_iD4ZwjL7fQch3-0yPHwug6joelvsDqfZcz8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBmYjMNFoaJW-KZLNyi4WCzFk4mzrXEsbEsPBbHcDjarUWvj-ljXFlsq8UWCQaQ7EXytEgnGpNxt5nZVpPlymOzODwO48YyWPgmvpHHZpltfBOxRHOySCeyy7422zhGztlgubJ5RsPdzDQcbSau5W7kGi4nE8vG35nYTIOFYeKWeCYLt2g42KyFk4lzLXFsLAuPxTEcjnZr0etj-hhXFttqsW_sBqPJbrbY7faN3WA02c0Wu92-w2R6pj5no-1vTnl8utVtu7jZnAaFy2Dx_iSmxbQ7O3h-v6NTp34pizqj3-_3-_1-v9_v9xu0noPZoPDNzlGbMntLS6vphUFsMChiieAinahMTtPf8vCZ_Ra_W-e4iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_qOGGM3musFcsdjNdbNVAgAAAAAAAACwBNNMNwEAAABwMpjdarlbrdOB7GbD0WC1XAASf5u6gEEAAAAAAAB2VZjyuNwXnC4Wa-yxhzI5TX_Lw2f2W_xunePKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAAAgvg-IBgAAAAAAgF9BjHazxf4BqBBrtVrdbqzVagUsmNVit5rA____f4IAAAAAAAA5qQ!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 56DB5D81169021BC8CF8667BA6014DDE
Requests: 4 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Frame ID: 5D67DF61BFED85E443CC9F22A6A81E43
Requests: 19 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1704276178889-172026010126-000418-008-000573%26biddername%3D1%26key%3D
Frame ID: 209DD3590807C9F259C280C4DAFFEB99
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=200&key=OPTOUT
Frame ID: 45B98CA600FAF4155416DDC19A837CA0
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1704276178889-172026010126-000418-008-000573%26biddername%3D18%26key%3D%24UID
Frame ID: 7175A82C51F36CE6C684B8F642340C43
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: 5B583A2A606C0B1C52134C90111E12AE
Requests: 3 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1
Frame ID: 521618988987DE4885372CF277716A6E
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=afe6ff1fa5d5beb149a31267aee6a25&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: 9C772E1ACCB0880A2C3D1F9DA2ED6465
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Frame ID: DBA294D22C57CFFB7C699713297573EA
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=52&key=ua-37950312-f46e-3370-8746-c68b82464bd4
Frame ID: 85B9B5281DCF4D5D33B414CB23A988F6
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=31&key=03a6c9b0cc6b44f389951dd3dfdbbc9f
Frame ID: 0FC84CE942DF1EBD16ACAD2789904618
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1704276178889-172026010126-000418-008-000573%26biddername%3D23%26key%3D
Frame ID: B5ACC5629A1C09228231A3378FA6B96E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: 3A213579589C8280DC2C5959C687E29C
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58815/sync?redir=true&gdpr=1&gdpr_consent=
Frame ID: FD2EC755D8FEFBEDCDC7992675B09AE8
Requests: 1 HTTP requests in this frame

Frame: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=136&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fbiddername%3D215%26auid%3D1704276178889-172026010126-000418-008-000573%26gdpr%3D1%26gdpr_consent%3D%26ccpa%3D1---%26key%3D%7BuserId%7D
Frame ID: DF942C54BC465C65F039B15A9B4D655F
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=55&key=5707612477931008559
Frame ID: 201AD17FEF7063AE14E040D15524E519
Requests: 1 HTTP requests in this frame

Frame: https://aniview-d.openx.net/w/1.0/pd
Frame ID: 36D770560EF17DF2C793D265FA79552E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 18956261915ADACC33251462003F605E
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1F3B668DA979BCF8B6757DCB97F520A3
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GQ | Seu Guia de Moda Masculina, Cultura e Lifestyle

Page URL History Show full URLs

  1. http://gq.globo.com/ HTTP 301
    https://gq.globo.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

481
Requests

98 %
HTTPS

45 %
IPv6

65
Domains

128
Subdomains

100
IPs

9
Countries

10445 kB
Transfer

25691 kB
Size

76
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gq.globo.com/ HTTP 301
    https://gq.globo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79
  • https://id.globo.com/auth/realms/globo.com/protocol/openid-connect/auth?client_id=revista-gq%40apps.globoid&redirect_uri=https%3A%2F%2Fgq.globo.com%2Flogin-callback.ghtml&state=33a00290-b247-441f-bcd8-cf924fa7ac03&response_mode=fragment&response_type=code&scope=openid&nonce=b6451951-85cd-4852-8b71-ed17c2b9a623&prompt=none&code_challenge=8Zd3UYA-6Kf8PtTAM2-fJpaST5myo0SUPvUxLek_MsM&code_challenge_method=S256 HTTP 302
  • https://gq.globo.com/login-callback.ghtml
Request Chain 82
  • https://sb.scorecardresearch.com/c2/6035227/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 135
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgq.globo.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgq.globo.com%2F&rid=esp&cc=1
Request Chain 149
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=gq.globo.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=k4QZtXw0blpLVWF4VjEzRGlxd1p1STNtWldpSkhIR1F2QzBwS216SzNrUDg1ZmN5bFJQTy91N3FENEdpUHlsc2tHYmxOOU1tY1RoTWxyeG1UbjZsSzVjOXhaZnZESDQzVzRudTNoMTFVVFhJZEdDdWpjVjYrRkdETHhuRXhmUTNIS1RBazNPT0l6cko5QlBIL0xTZ0RsbjJ1VDcxL1RrQjdjbys3SGlxOXR2dUozOFFLVCtreHRmemE1aTNiYVlac3JOYTFPczNacDNRR1VkWE5aNjlKcS81MDlOZjhuWUVIcWZPUDNRT3hibHh4VjN5bWtoRjEvc2tlR3ExRmg3b0JCa2o3NjZyUldibjBKYWZtdnBuS01zTFU2UT09fA&cppv=2
Request Chain 353
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CwAUS0DCVZaXMKMCVjuwPzouM-Azu15OQdfLk47uLEWQQASC6vvAWYJXikIKgB6ABocCY8SjIAQmoAwHIA8sEqgTXAU_Qoh7srXffOtLIvd7oThNIXEo7ZvkLPi1sepuE4pmYQB0yAHoSQEFpkWB-icz1S0v1IjFtjFoiMyQCW8iOw93JEEHoz9gX-CBZ5pqtSxij3Tlbl87RFHuEUS1rKvmlNPVhUFIMaiKB8zb58Mp1lUmpinT3yht-HcugMLPc7ylopUm89AqgT2FDUZsKfENyk2LPRk3eH7bHREzXbAPO5MRwX6cY5fyUI1iRuCd2bxwj6x1qeFnSv7wPILkBOy9MNYR7QF03vIFBpiw8_P3-HGJBuV-rP-QNwASi8-vVtASIBfjVwIdMkgUECAQYAZIFBAgFGASgBi6AB538pKMEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA0ggfCIDhgBAQARgAMgKqAjoCgEBIvf3BOliRgp_B-8CDA_IIDWJpZGRlci0yODAzOTCaCYACaHR0cHM6Ly93d3cudGVtdS5jb20vZGUva3VpcGVyL3VuMS5odG1sP3N1Ymo9ZmVlZC11biZfYmdfZnM9MSZfcF9tYXQxX3R5cGU9MSZfcF9qdW1wX2lkPTcyNSZfeF92c3Rfc2NlbmU9YWRnJmxvY2FsZV9vdmVycmlkZT03Nn5kZX5FVVImZ29vZHNfaWQ9NjAxMDk5NTE2NDY2MDY2Jl9wX3Jmcz0xJl94X2Fkc19zdWJfY2hhbm5lbD1vdGhlciZfeF9hZHNfY2hhbm5lbD1nb29nbGUmX3hfYmdfYWRpZD1nZDY1NzQyNC0xJnRvcGljX2NsYXNzaWZ5PTEyN4AKBMgLAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQLYEwzQFQGAFwGyFwgKBggAEgAYAA&sigh=WCbt2-900uE&uach_m=%5BUACH%5D&ase=2&nis=4&pr=8:9F7EB03574572A35&cid=CAQSQAAvHhf_bZvKMZd7gZNKZDGuSDsOvwpAKc16QXqfk_zEbb4TGrF40p6ACmD5gnT7moesEWu-n40v032nZVuHfHQYAQ&template_id=494&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212070359612618173395%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2201-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222235028417732321969%22}&andc=true
Request Chain 366
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCat6zDHxCwCRiwCTIIZ7MB4_P2Swc HTTP 301
  • https://tpc.googlesyndication.com/simgad/3995853839924061625
Request Chain 397
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCat6zDHxCwCRiwCTIIZ7MB4_P2Swc HTTP 301
  • https://tpc.googlesyndication.com/simgad/3995853839924061625
Request Chain 404
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cu9hN0DCVZcGUKL7o1PIPg--s6Avu15OQdfLk47uLEWQQASC6vvAWYJXikIKgB6ABocCY8SjIAQmoAwHIA8uEgIAEqgTXAU_QXvhFqUnPNfCbMJ-pyeBrAT5uf_o4qMfVCvshQ5tVj3Bj4SITRVGXrddMckhKLTzT9MdZKhUfFk_rHGXvGB4YvDp3f6hWJGwP7VCrKYopY3vyHgB2CCMpjvFSh2Awc8DlzJUwhsiL20Vtqmym0a4LCWZ4IogMEIg1M_9ZRyb59trcjvHTf6wmXzblVrfKkDq_AU8D9d_GAy3IFQiZaOfHHXxgdiEz2bQKYSp60sy0MUMcd_-6QI4NUC6DJsaDiP6fyv2FoPQuqtGX59ZWGHGTkQvdnYkkwASi8-vVtASIBfjVwIdMkgUECAQYAZIFBAgFGASgBi6AB538pKMEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA0ggfCIDhgBAQARgAMgKqAjoCgEBIvf3BOliiqaTB-8CDA_IIDWJpZGRlci0yODAzOTCaCYACaHR0cHM6Ly93d3cudGVtdS5jb20vZGUva3VpcGVyL3VuMS5odG1sP3N1Ymo9ZmVlZC11biZfYmdfZnM9MSZfcF9tYXQxX3R5cGU9MSZfcF9qdW1wX2lkPTcyNSZfeF92c3Rfc2NlbmU9YWRnJmxvY2FsZV9vdmVycmlkZT03Nn5kZX5FVVImZ29vZHNfaWQ9NjAxMDk5NTE2NDY2MDY2Jl9wX3Jmcz0xJl94X2Fkc19zdWJfY2hhbm5lbD1vdGhlciZfeF9hZHNfY2hhbm5lbD1nb29nbGUmX3hfYmdfYWRpZD1nZDY1NzQyNC0xJnRvcGljX2NsYXNzaWZ5PTEyN4AKBMgLAaIMFCoSChDktLEC7rWxArW4sQKsurEC2BMM0BUBgBcBshcICgYIABIAGAA&sigh=_ehHMItbM0Q&uach_m=%5BUACH%5D&ase=2&nis=4&pr=8:B1629E3FBCFC0899&cid=CAQSQAAvHhf_K2dccYNfRF92YAllv4JaG7If13oYrFf5uuMVtq0j8a834todjAUV7S3hrxWGq3h2gjK6lUIQCqWMWRMYAQ&template_id=494&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226059883817518596645%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2201-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22751603919404073793%22}&andc=true
Request Chain 453
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1704276178889-172026010126-000418-008-000573%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=200&key=OPTOUT
Request Chain 455
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Request Chain 456
  • https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1704276178889-172026010126-000418-008-000573%26biddername%3D105%26pid%3D59c9148628a0612da3689288%26key%3D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1
Request Chain 457
  • https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent= HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=afe6ff1fa5d5beb149a31267aee6a25&_fw_gdpr=1&_fw_gdpr_consent=
Request Chain 459
  • https://ssp.disqus.com/redirectuser/?partner=aniview&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1704276178889-172026010126-000418-008-000573%26biddername%3D52%26key%3DBUYERUID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=52&key=ua-37950312-f46e-3370-8746-c68b82464bd4
Request Chain 460
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=B81743F7-B474-4C19-8479-8697021ABDD2&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1704276178889-172026010126-000418-008-000573%26biddername%3D31%26key%3D%24%24visitor_cookie%24%24 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=31&key=03a6c9b0cc6b44f389951dd3dfdbbc9f
Request Chain 465
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1704276178889-172026010126-000418-008-000573%26biddername%3D55%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=55&key=5707612477931008559

481 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gq.globo.com/
Redirect Chain
  • http://gq.globo.com/
  • https://gq.globo.com/
471 KB
85 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
201.7.177.252 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
47b5feca65868325015932c2e33e33efba99b962ffa3e0199be2711f4e3eba0e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=10
content-encoding
gzip
content-length
86218
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 03 Jan 2024 10:02:52 GMT
expires
Wed, 03 Jan 2024 10:03:02 GMT
show-page-version
0
vary
X-Forwarded-Proto, User-Agent, Accept-Encoding
via
2.0 CachOS
wall-blocked-session
0
wall-subscription-level
0
wall-usl-status
x-bip
72020942 cmad07lx21ca04.globoi.com
x-cache-status
MISS
x-content-type-options
nosniff
x-location-rule
homes
x-mobile
desktop
x-request-id
fbc3dba4-f31d-4018-924c-891a20916b7c
x-served-from
rpaas-multi-domain-edg3-prod, Show Services GCP
x-thanos
0A82BC06
x-virtual-host
gq.globo.com
x-xss-protection
1; mode=block

Redirect headers

Age
71
Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Wed, 03 Jan 2024 10:01:40 GMT
Location
https://gq.globo.com/
Vary
X-Forwarded-Proto, User-Agent
Via
2.0 CachOS
Wall-Blocked-Session
0
Wall-Subscription-Level
0
Wall-Usl-Status
X-Bip
71193168 cmah19lx40ca01.globoi.com
X-Content-Type-Options
nosniff
X-Mobile
desktop
X-Request-Id
33f2b0c754ca306e8fb78fcac912772d
X-Served-From
rpaas-multi-domain-edg3-prod
X-Virtual-Host
gq.globo.com
X-XSS-Protection
1; mode=block
gpt.js
www.googletagservices.com/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e9a85d9531e72c3a179a414fd5e5fbe3b9194b7ef05b5fbe7c44339a1794842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29594
x-xss-protection
0
server
cafe
etag
735 / 19725 / m202312070101 / config-hash: 15281352381595987283
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 03 Jan 2024 10:02:53 GMT
lib-pub-relay-gq-latest.js
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/gq/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/gq/prod/lib-pub-relay-gq-latest.js
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
2fba4b98ccf67203f312371d0f0e4bbab645ccaea30d9cc90a80f0daefe1bfa5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:53 GMT
content-encoding
gzip
x-openstack-request-id
txabd89ad7f5624c789ced3-006595307a
last-modified
Fri, 18 Aug 2023 21:17:37 GMT
x-thanos
0AB54009
vary
Accept-Encoding, Origin
x-object-meta-mtime
1692392188.000000
content-type
application/javascript
x-timestamp
1692393456.28181
cache-control
public, max-age=180
x-trans-id
txabd89ad7f5624c789ced3-006595307a
x-request-id
304b4681-91f5-4b59-85bd-d0520ab541c8
css2
fonts.googleapis.com/ 		27 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 03 Jan 2024 10:02:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 09:02:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Jan 2024 10:02:52 GMT
tiny.js
static.infoglobo.com.br/paywall/js/ 		270 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/tiny.js
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.151.224.123 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
123.224.151.34.bc.googleusercontent.com
Software
/
Resource Hash
74ccedc8d6c9c1105474d8a0354ade4fd3ae65dfba1208a7a3b0c7e11bd7ea09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-location-rule
static - tiny.js
date
Wed, 03 Jan 2024 10:02:54 GMT
content-encoding
gzip
x-openstack-request-id
tx75141dc037e44247a3b83-006584753b
x-cache-status
HIT
supportspointer
true
x-trans-id
tx75141dc037e44247a3b83-006584753b
x-request-id
b4e6915ab95b9a76129c92bd08870f6c
last-modified
Thu, 21 Dec 2023 17:21:36 GMT
vary
Accept-Encoding, Origin
x-served-from
infoglobo-router-gcp
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-timestamp
1703179295.39611
cache-control
max-age=600
charset
utf-8
expires
Thu, 21 Dec 2023 17:36:19 GMT
polyfill.min.js
cdn.polyfill.io/v2/ 		103 B
617 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 03 Jan 2024 10:02:52 GMT
age
1281023
detected-user-agent
Chrome Mobile/120.0.0
server-timing
HIT, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
121
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/120.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
glide.js
s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/public_assets/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da025474c0c44edd99332dddb09cabe8/public_assets/glide.js
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
f7ab917c78e9a4eaacd4df4ac7ed66b415576f37b58336b390bd5e450d359ada

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:53 GMT
content-encoding
gzip
x-openstack-request-id
tx1ea11ef510ad46c0b99c8-006595304e
last-modified
Mon, 12 Dec 2022 20:41:46 GMT
x-thanos
0AB54009
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1670877705.18812
cache-control
public, max-age=180
x-trans-id
tx1ea11ef510ad46c0b99c8-006595304e
x-request-id
ee997b39-fe7e-4f30-be8e-de2f828acf65
lgpd-lib.min.css
s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/lgpd-lib.min.css
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
507acc179bfa7c929b83831d028f83b5fa85a02c9426588657ece1da51ae6b43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:53 GMT
content-encoding
gzip
x-openstack-request-id
tx57bf91e6955e496ba8ca4-0065945003
last-modified
Mon, 09 Jan 2023 17:51:24 GMT
x-thanos
0AB54009
vary
Accept-Encoding, Origin
content-type
text/css; charset=utf-8
x-timestamp
1673286683.73068
cache-control
public, max-age=86400
x-trans-id
tx57bf91e6955e496ba8ca4-0065945003
x-request-id
2e87e3f4-309e-488c-a8ec-dd6e4fe17b1d
polyfill.min.js
cdn.polyfill.io/v2/ 		103 B
192 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 03 Jan 2024 10:02:53 GMT
age
1281024
detected-user-agent
Chrome Mobile/120.0.0
server-timing
HIT, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
121
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/120.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/ 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 09:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
3602
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138203
x-xss-protection
0
server
cafe
etag
14959461090202361603
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 02 Jan 2025 09:02:51 GMT
barra-globocom.min.css
barra.globo.com/gl/ba/oidcprodutos/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://barra.globo.com/gl/ba/oidcprodutos/css/barra-globocom.min.css
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
d01b2cf5b15e8ea0ef57c0ccc66a390b354d8dbc11410035fb73eb12ab3ee514
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-location-rule
barra-legado
date
Wed, 03 Jan 2024 10:02:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
796769092 ra01 11 04 14
age
270
x-cache-status
HIT
x-goog-meta-x-goog-reserved-source-generation
1669739324870000
content-length
4317
x-xss-protection
1; mode=block
x-request-id
bbcfcca2-2538-4600-abe5-6cae6e18f66b
last-modified
Fri, 02 Jun 2023 19:14:58 GMT
x-thanos
0AB0D072
etag
W/"c580509368f67b01edaa2d4f8057bbbe"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/css; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Wed, 03 Jan 2024 10:03:23 GMT
header-site-home.jpg
s2-gq.glbimg.com/MSysS6psWgceLIUDdbjzzpbOuf4=/45x0:1145x619/1200x600/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/g/r/x0PLgfQLe9q3OYdmH... 		111 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/MSysS6psWgceLIUDdbjzzpbOuf4=/45x0:1145x619/1200x600/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/g/r/x0PLgfQLe9q3OYdmHXvw/header-site-home.jpg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
d130a4cf6261f982a97d3b4bcbfe2c9732e59ca6fd39418c21b9fbb6c77db830

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
800195221 ra03 11 07
age
420406
x-cache-server
thumbor/nginx-cache
content-length
113841
x-cached
HIT
x-request-id
7fcc7c33-1394-435b-8261-d20974b78153
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"2679ece54738418ac16fe9d0c3013fcf7650f68d"
vary
Origin, Accept
content-type
image/avif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sun, 28 Jan 2024 12:36:59 GMT
profile-pc.png
s2.glbimg.com/wDf6C8dziVLXizeKNxDkM6v5ANc=/0x158:1080x1238/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/8/D/gkB5oTSDiP6NfX3D5MLw/ 		264 KB
265 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/wDf6C8dziVLXizeKNxDkM6v5ANc=/0x158:1080x1238/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/8/D/gkB5oTSDiP6NfX3D5MLw/profile-pc.png
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
0b2d8493e84e78752b5bbb607bd9f46e22dd3f48714dfa9795fbab8c93a90f8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
795012075 ra03 11 07
age
1765121
x-cache-server
thumbor/nginx-cache
content-length
270666
x-cached
HIT
x-request-id
12c43954-361a-4f85-bffc-e0fcc74cab6d
x-forwarded-host
s2.glbimg.com
x-thanos
0AB1D016
etag
"8fce6c2ae8a8275f784594f6c86ccd6a1942645e"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 12 Jan 2024 22:18:15 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:53 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
888
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83fa68a75ddc9a0b-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jan 2024 10:02:53 GMT
element-tracker.min.js
s3.glbimg.com/cdn/libs/element-tracker/1.2.1/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/libs/element-tracker/1.2.1/element-tracker.min.js
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
6b37c75dbc0ad1368622265600d903b3cf22d7dc64e6bdd07959c4a88c0474e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:53 GMT
content-encoding
gzip
x-openstack-request-id
tx944ced2bbca844719307f-00633f42de
last-modified
Mon, 20 Jun 2022 18:57:02 GMT
x-thanos
0AB54009
vary
Accept-Encoding, Origin
content-type
application/javascript
x-timestamp
1655751421.54746
cache-control
public, max-age=155520000
x-trans-id
tx944ced2bbca844719307f-00633f42de
x-request-id
252450ea-425c-423c-9976-4600c97a29a1
jquery.min.js
s3.glbimg.com/cdn/libs/jquery/1.8.3/ 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:53 GMT
content-encoding
gzip
x-openstack-request-id
tx836e9dc3cbc34e918a39b-0065207334
last-modified
Tue, 09 Oct 2018 19:06:54 GMT
x-thanos
0AB54009
vary
Accept-Encoding, Origin
content-type
application/javascript
x-timestamp
1539112013.52960
cache-control
max-age=31536000
x-trans-id
tx836e9dc3cbc34e918a39b-0065207334
x-request-id
5a4ba341-3c24-4c45-a648-cba6e50592d9
lgpd-lib.min.js
s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/ 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/lgpd-lib.min.js
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
ec0d8435d5d30bc297e0b2db3f87fe8fc998b3440d56f33205e702c57a84443d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:54 GMT
content-encoding
gzip
x-openstack-request-id
txd6dffc40ddad472a85c8b-0065945004
last-modified
Mon, 09 Jan 2023 17:51:24 GMT
x-thanos
0AB54009
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=utf-8
x-timestamp
1673286683.73565
cache-control
public, max-age=86400
x-trans-id
txd6dffc40ddad472a85c8b-0065945004
x-request-id
19b0dd34-8f8a-495a-99fc-825c6fbe9c61
5833c06a4657f2d06fb3e9a9b1b84849.js
s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/ 		130 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/5833c06a4657f2d06fb3e9a9b1b84849.js
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
557174b778c97e5db2db381022c13e3359f1753acba777932ce7cf732d32b110

Request headers

Referer
https://gq.globo.com/
Origin
https://gq.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:54 GMT
content-encoding
gzip
x-openstack-request-id
tx15473bf773814428b1367-006592fc17
content-length
45806
x-trans-id
tx15473bf773814428b1367-006592fc17
x-request-id
e59fcb54-3fad-4b52-8190-3ca69a9161dd
last-modified
Mon, 09 Oct 2023 13:50:19 GMT
x-thanos
0AB54008
etag
dfff5faee7f1862d5b4aa51721239152
vary
Accept-Encoding, Origin
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
x-object-meta-cache-control, content-language, cache-control, expires, last-modified, etag, x-timestamp, pragma, x-trans-id, x-container-meta-cache-control, content-type, x-openstack-request-id, authorization
x-timestamp
1696859418.26917
cache-control
public, max-age=604800
accept-ranges
bytes
lib-pub-core-gq-latest.js
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/gq/prod/ 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/gq/prod/lib-pub-core-gq-latest.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/gq/prod/lib-pub-relay-gq-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
8a37c7c21f5f3c55f2b593253aa222d8d0675b00f482e157fccb2a1a56e5d1c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:54 GMT
content-encoding
gzip
x-openstack-request-id
tx8aa0dd1f95b24b738d2d6-006595307b
last-modified
Thu, 21 Dec 2023 19:15:21 GMT
x-thanos
0AB54009
vary
Accept-Encoding, Origin
x-object-meta-mtime
1703185847.000000
content-type
application/javascript
x-timestamp
1703186120.93804
cache-control
public, max-age=180
x-trans-id
tx8aa0dd1f95b24b738d2d6-006595307b
x-request-id
99bb36f7-06eb-4139-a252-224d5dabaf66
346effa73f574f6f1d7382be548df7b1.css
s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/346effa73f574f6f1d7382be548df7b1.css
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
9804b64a5810b70bcfca114cd47bfd6609498c65e09e7b695f894a5b1f45f4e4

Request headers

Referer
https://gq.globo.com/
Origin
https://gq.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:54 GMT
content-encoding
gzip
x-openstack-request-id
tx541f2e79e5f84ae0ad2ce-006592fc17
content-length
4104
x-trans-id
tx541f2e79e5f84ae0ad2ce-006592fc17
x-request-id
8bc16de4-6649-45a4-8b0d-1cf27ebad4dd
last-modified
Mon, 09 Oct 2023 13:50:20 GMT
x-thanos
0AB54008
etag
c12d918df757e6febd33d0394a36fc91
vary
Accept-Encoding, Origin
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
x-object-meta-cache-control, content-language, cache-control, expires, last-modified, etag, x-timestamp, pragma, x-trans-id, x-container-meta-cache-control, content-type, x-openstack-request-id, authorization
x-timestamp
1696859419.50351
cache-control
public, max-age=604800
accept-ranges
bytes
profile-pc.png
s2.glbimg.com/wDf6C8dziVLXizeKNxDkM6v5ANc=/0x158:1080x1238/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/8/D/gkB5oTSDiP6NfX3D5MLw/ 		264 KB
265 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/wDf6C8dziVLXizeKNxDkM6v5ANc=/0x158:1080x1238/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/8/D/gkB5oTSDiP6NfX3D5MLw/profile-pc.png
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
0b2d8493e84e78752b5bbb607bd9f46e22dd3f48714dfa9795fbab8c93a90f8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
798543040 ra03 11 07
age
1765121
x-cache-server
thumbor/nginx-cache
content-length
270666
x-cached
HIT
x-request-id
e3dc1298-8dad-4535-ac13-f6e201cac87f
x-forwarded-host
s2.glbimg.com
x-thanos
0AB1D016
etag
"8fce6c2ae8a8275f784594f6c86ccd6a1942645e"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 12 Jan 2024 22:18:15 GMT
truncated
/ 		194 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a9a9405da89d4a9d225dd74b87b0011415b870ea2e8a5a239d369dde3c78bbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
gq-international-black-04.png
s2-gq.glbimg.com/Lk4Kq1Rw7BKuMbcOPaDEP-KvgrE=/0x240/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/d/S/agp66oQsOnvihCABjKcQ/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/Lk4Kq1Rw7BKuMbcOPaDEP-KvgrE=/0x240/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/d/S/agp66oQsOnvihCABjKcQ/gq-international-black-04.png
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
d594a2febde39c78c4e26b9c11758c6c25eb848eaa767477d340473bf4f8969d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
797299385 ra03 11 07
age
1768781
x-cache-server
thumbor/nginx-cache
content-length
1772
x-cached
HIT
x-request-id
121e90ab-d462-4c0f-b941-f7b62a591a34
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"c0243f4f6a548b752246643514ef4fad3d9dbfb6"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 12 Jan 2024 22:20:08 GMT
instagram.png
s2.glbimg.com/KsTsv-1OqAV9iUgNXNkw15u674Q=/600x0/filters:quality(70)/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/K/M/6fBKcLRUCVUqWtU7M5dg/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/KsTsv-1OqAV9iUgNXNkw15u674Q=/600x0/filters:quality(70)/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/K/M/6fBKcLRUCVUqWtU7M5dg/instagram.png
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
dbb8a07ee2515780441105ea9114506a727116bccadf6094dfaa48ed01587bd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
798699721 ra03 11 07
age
1770151
x-cache-server
thumbor/nginx-cache
content-length
61774
x-cached
HIT
x-request-id
2a4a95df-4744-461c-bf5f-065bfdff787b
x-forwarded-host
s2.glbimg.com
x-thanos
0AB1D016
etag
"efa9b62744dbdb7de0afca5ac688820649dc30e0"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 12 Jan 2024 22:18:15 GMT
twitter.png
s2.glbimg.com/05ZQ5m0EAorxFONBscNv3llxqiY=/600x0/filters:quality(70)/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/T/6/vMUXn2REiQUFNI3ACvgQ/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/05ZQ5m0EAorxFONBscNv3llxqiY=/600x0/filters:quality(70)/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/T/6/vMUXn2REiQUFNI3ACvgQ/twitter.png
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
585ac96a5411bbc137440554c2c1ede75f336ca229e7dceec92554d53f65fa79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
795627923 ra03 11 07
age
1770151
x-cache-server
thumbor/nginx-cache
content-length
72512
x-cached
HIT
x-request-id
7caf88db-bf62-4491-9bca-6700c94a9a3b
x-forwarded-host
s2.glbimg.com
x-thanos
0AB1D016
etag
"97d09318c3c218be958fe9cc15dbea581a8bb36c"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 12 Jan 2024 22:15:42 GMT
facebook.png
s2.glbimg.com/ztV9pNtQSI20uQpfSDkK3Ze447E=/600x0/filters:quality(70)/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/V/V/jmApf1ROqHGVDgwKg9ug/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/ztV9pNtQSI20uQpfSDkK3Ze447E=/600x0/filters:quality(70)/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/V/V/jmApf1ROqHGVDgwKg9ug/facebook.png
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
41bf4686e95c371d9a68dd5f0258dad3e3c881e4916170c5bc4c9e6818a2ac17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
792258761 ra03 11 07
age
1770151
x-cache-server
thumbor/nginx-cache
content-length
41192
x-cached
HIT
x-request-id
6f3803dc-8334-4f35-97c8-37d806dc9aad
x-forwarded-host
s2.glbimg.com
x-thanos
0AB1D016
etag
"2fc1e52c8b38cf3d065f75a92c457b1b0815f9ad"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 12 Jan 2024 22:15:42 GMT
pinterest.png
s2.glbimg.com/TiPvfr_qNlb32v5IEdDyNSE6JnI=/600x0/filters:quality(70)/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/M/U/3E1ZdDRUmwEo5ufs4GMQ/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/TiPvfr_qNlb32v5IEdDyNSE6JnI=/600x0/filters:quality(70)/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/M/U/3E1ZdDRUmwEo5ufs4GMQ/pinterest.png
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
210386e617b9dc6c08f6e7ac33b4339a900e42a48f8e19554f220db1bfb8f50c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
798925534 ra03 11 07
age
1770151
x-cache-server
thumbor/nginx-cache
content-length
53678
x-cached
HIT
x-request-id
e8b795e9-520e-45fb-9dd4-10edc40488d4
x-forwarded-host
s2.glbimg.com
x-thanos
0AB1D016
etag
"1bcd30b8afb631600038bfe516a5ad6eba12a926"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 12 Jan 2024 22:18:15 GMT
linkedin.png
s2.glbimg.com/TX02o3wPzSGtMOq27x2bENq5S7w=/600x0/filters:quality(70)/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/T/x/xEcatCQlWjq5CCroDfAQ/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/TX02o3wPzSGtMOq27x2bENq5S7w=/600x0/filters:quality(70)/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/T/x/xEcatCQlWjq5CCroDfAQ/linkedin.png
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
dcd021720c65ffdbfdbfb6a6f23f9c316778309aba46aef42c563c17bb7772af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
via
2.0 CachOS
x-bip
800195238 ra03 11 07
age
1770152
x-cache-server
thumbor/nginx-cache
content-length
49904
x-cached
HIT
x-request-id
72930714-9903-4bd6-8e15-cfb998045652
x-forwarded-host
s2.glbimg.com
x-thanos
0AB1D016
etag
"75cfb95481270056c5bd2d6c88834d4a74d2f320"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 12 Jan 2024 22:15:42 GMT
regular.woff2
s3.glbimg.com/cdn/fonts/opensans/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/regular.woff2
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Request headers

Referer
https://gq.globo.com/
Origin
https://gq.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:54 GMT
x-openstack-request-id
tx8b7dbdf28b7f40ec84bca-0065207414
last-modified
Tue, 25 Jun 2019 17:36:35 GMT
x-thanos
0AB54008
etag
4124088fdd8c315a6d096b65b6cbf428
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484194.26376
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10352
x-trans-id
tx8b7dbdf28b7f40ec84bca-0065207414
x-request-id
9a4e22a2-3698-45f3-a9e8-cf58684fa85f
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gq.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:10:14 GMT
x-content-type-options
nosniff
age
89559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 09:10:14 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gq.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:53:59 GMT
x-content-type-options
nosniff
age
90534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 08:53:59 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gq.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 00:08:38 GMT
x-content-type-options
nosniff
age
122055
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 00:08:38 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gq.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 17:28:03 GMT
x-content-type-options
nosniff
age
146090
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Dec 2024 17:28:03 GMT
semibold.woff2
s3.glbimg.com/cdn/fonts/opensans/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/semibold.woff2
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca

Request headers

Referer
https://gq.globo.com/
Origin
https://gq.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:54 GMT
x-openstack-request-id
txf6af229a039947a68fbbb-0065207414
last-modified
Tue, 25 Jun 2019 17:36:47 GMT
x-thanos
0AB54008
etag
365c53275ca5dad1584b7e0bd3a46c1e
vary
Accept-Encoding, Origin
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484206.27623
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16172
x-trans-id
txf6af229a039947a68fbbb-0065207414
x-request-id
fb170d55-3ea6-4489-95fc-ad0d6b06ab29
bold.woff2
s3.glbimg.com/cdn/fonts/opensans/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/bold.woff2
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b

Request headers

Referer
https://gq.globo.com/
Origin
https://gq.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:54 GMT
x-openstack-request-id
txb7346c5444ae43198b0eb-0065207414
last-modified
Tue, 25 Jun 2019 17:35:22 GMT
x-thanos
0AB54008
etag
8593a5a07cf620d4512fcb71cbcd07a6
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484121.35690
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10284
x-trans-id
txb7346c5444ae43198b0eb-0065207414
x-request-id
37f0864d-e60a-4ebf-af12-ea7d5d909462
truncated
/ 		436 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93f45bd0df53776d65c03af696f72e8857a3049863b07852ba2998ecce3160a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		507 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2faeb72dc6c6dd034ad0fe3a1326105213eb42cc9fdde9560f645ee2dd1c4c2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
opensans-light-webfont.woff
s.glbimg.com/gl/ba/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/gl/ba/fonts/opensans-light-webfont.woff
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
dea42e0f179347a75dd9fa41636bd1fa1ae92397bcde89a1389eeb8c0ace0fca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gq.globo.com/
Origin
https://gq.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-location-rule
barra-legado
date
Wed, 03 Jan 2024 10:02:54 GMT
via
2.0 CachOS
x-content-type-options
nosniff
x-bip
801605811 ra09 20 03
age
157
x-cache-status
HIT
x-goog-meta-x-goog-reserved-source-generation
1669739323813245
content-length
20184
x-xss-protection
1; mode=block
x-request-id
6adc5c52-51b6-4657-9d73-b9e6be789b1b
last-modified
Thu, 04 May 2023 18:56:24 GMT
x-thanos
0AB4D012
etag
"d6cc1c50b230a5c61bb684e07f3e0e98"
vary
Origin
x-served-from
estaticos-gcp-prod
content-type
font/woff
access-control-allow-origin
https://gq.globo.com
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Wed, 03 Jan 2024 10:05:17 GMT
barra-globocom.min.js
s.glbimg.com/gl/ba/js/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/gl/ba/js/barra-globocom.min.js
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
b81ad1210bf4276e2651563c487f1116410f97232fcf37a85c09dffa25edda2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-location-rule
barra-legado
date
Wed, 03 Jan 2024 10:02:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
799705799 ra03 11 07
age
262
x-cache-status
HIT
x-goog-meta-x-goog-reserved-source-generation
1669739323699742
content-length
10597
x-xss-protection
1; mode=block
x-request-id
3d615e14-ff9a-4f65-8a9b-f80b1baa2f18
last-modified
Thu, 04 May 2023 18:56:23 GMT
x-thanos
0AB1D016
etag
W/"1af9514851ffe9f801c5468a9d1206ac"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Wed, 03 Jan 2024 10:03:32 GMT
truncated
/ 		203 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62023892994a076b2eca66194011febfcc294b8cd41084bd243bd97492f1c365

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ 		204 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5fb71968c62c1e84aebf36c57c13a32cd43d2962a231708a5b0f8a1273d95ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
light.woff2
s3.glbimg.com/cdn/fonts/opensans/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/light.woff2
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8

Request headers

Referer
https://gq.globo.com/
Origin
https://gq.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:54 GMT
x-openstack-request-id
tx8a0e6f9cd3064ce09faad-0065207414
last-modified
Tue, 25 Jun 2019 17:36:08 GMT
x-thanos
0AB54008
etag
98b6233d6ac91b3538d60fee0ce3393b
vary
Accept-Encoding, Origin
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484167.30297
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
10200
x-trans-id
tx8a0e6f9cd3064ce09faad-0065207414
x-request-id
6a2cf144-0afb-4f93-9263-a23c31b70639
guy-correndo-na-praia.jpg
s2-gq.glbimg.com/81-IzYs7i5jhQoyFgRiyUbsPhnY=/0x451:5196x3374/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/F/9/ap4Gi7SKOdA9C0Lr... 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/81-IzYs7i5jhQoyFgRiyUbsPhnY=/0x451:5196x3374/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/F/9/ap4Gi7SKOdA9C0LrWDLw/guy-correndo-na-praia.jpg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
9e7246e5b43cf659bff57f2df76a526e18ea79572ee699879a6a2b7a8fe88cc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
796195278 ra03 11 07
age
52177
x-cache-server
thumbor/nginx-cache
content-length
16090
x-cached
HIT
x-request-id
01a712da-8b2b-47b3-ab8d-0707792a6a41
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"74c8b9a5aa3fe60e11827015eb4f09ba0dad2d59"
vary
Origin, Accept
content-type
image/avif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 01 Feb 2024 19:28:21 GMT
collegio-alla-querce-gq.png
s2-gq.glbimg.com/aA3rpF272QeYGrvjbb5r-t8YQGI=/0x185:1587x1078/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2024/j/t/KcQ4hpRhGQjh33dE... 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/aA3rpF272QeYGrvjbb5r-t8YQGI=/0x185:1587x1078/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2024/j/t/KcQ4hpRhGQjh33dEjdGg/collegio-alla-querce-gq.png
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
4fc159c1f50afcd6c49797b8318566b5e413a5d855d9c14555bb200787cbf439

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
799188769 ra03 11 07
age
52176
x-cache-server
thumbor/nginx-cache
content-length
30658
x-cached
MISS
x-request-id
20107932-2845-4a17-858d-9f2b674faf50
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"346bf67e36164a76286ffe4220d9672624aa08b8"
vary
Origin, Accept
content-type
image/avif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 01 Feb 2024 19:33:18 GMT
gettyimages-1129156336.jpg
s2-gq.glbimg.com/1XtCVAPo-M0fNicNq93vFzK4hbs=/0x0:2121x1414/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/r/h/vbVksoS0Goc7AAhr71bA/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/1XtCVAPo-M0fNicNq93vFzK4hbs=/0x0:2121x1414/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/r/h/vbVksoS0Goc7AAhr71bA/gettyimages-1129156336.jpg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
fd8cd065dbcd1620161f23eba89970248a8d5b27cf0df9e150855c4e199d430b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
798765515 ra03 11 07
age
56486
x-cache-server
thumbor/nginx-cache
content-length
6243
x-cached
HIT
x-request-id
a3a1e44c-ea6c-44e9-82d7-52f10c84c2a9
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"023503345c2a7798530da80ba71718f53efd45e0"
vary
Origin, Accept
content-type
image/avif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 01 Feb 2024 15:43:43 GMT
pexels-valeriya-kobzar-8257439.jpg
s2-gq.glbimg.com/rR6tNQz-SzPU5v8vaKnWOxn4p4s=/202x0:3024x1588/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/x/g/BVpbLSTq6W2mGggP... 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/rR6tNQz-SzPU5v8vaKnWOxn4p4s=/202x0:3024x1588/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/x/g/BVpbLSTq6W2mGggPEC5Q/pexels-valeriya-kobzar-8257439.jpg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
7546b016636f90591efb92a44259b3828aebc23685608ead248cba5af3216de7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
800162954 ra03 11 07
age
52177
x-cache-server
thumbor/nginx-cache
content-length
32420
x-cached
HIT
x-request-id
d9e4ac88-487a-4142-93ca-0fb7b179ac2d
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"b1bc2094440d71680bc56b403d3405cc55a6e7df"
vary
Origin, Accept
content-type
image/avif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 01 Feb 2024 16:33:26 GMT
gq141-modatrends-sandorkiss-5.jpg
s2-gq.glbimg.com/S573TmWiRXrX8mNwdgVBBYI6v-Y=/0x150:1440x960/500x280/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/Y/v/qsZk8HQOCW0pB88aY... 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/S573TmWiRXrX8mNwdgVBBYI6v-Y=/0x150:1440x960/500x280/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/Y/v/qsZk8HQOCW0pB88aYeBA/gq141-modatrends-sandorkiss-5.jpg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
5ba8dfb0a5da80cc2ed29adaffd0d1c9573662ae3a98868fe6410b0b309e5ad2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
792258762 ra03 11 07
age
52177
x-cache-server
thumbor/nginx-cache
content-length
23652
x-cached
HIT
x-request-id
5719d381-159b-45c9-bcd4-27e08e343d1a
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"04bcf62c7bc43d99f1f7d9bf3219de9f82dbc193"
vary
Origin, Accept
content-type
image/avif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 01 Feb 2024 15:18:18 GMT
fl23-digital-anr-sos-rescue-solution-product-and-texture-18-global-r-rel-lr.jpg
s2-gq.glbimg.com/V4RNA0eVKTjXJH4HCNYTcALq0NM=/0x98:1966x1204/300x159/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/7/b/vwmEogThqUobXJEXD... 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/V4RNA0eVKTjXJH4HCNYTcALq0NM=/0x98:1966x1204/300x159/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/7/b/vwmEogThqUobXJEXDiew/fl23-digital-anr-sos-rescue-solution-product-and-texture-18-global-r-rel-lr.jpg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
ed36f6447131420db97c10f205103d50e2e72da1aff0e257fae350d5b6ca895d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
795964665 ra03 11 07
age
52177
x-cache-server
thumbor/nginx-cache
content-length
2887
x-cached
HIT
x-request-id
111d0730-8348-4b51-8332-33d3698c0328
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"60b587bd4f2552c7e81beee2e00632bb3e0ec121"
vary
Origin, Accept
content-type
image/avif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 01 Feb 2024 15:18:18 GMT
breitling-relogios-gq.jpg
s2-gq.glbimg.com/HIbp5SgxQB9Zt2Ht49OVEkJ8WQ0=/0x0:620x413/100x100/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/J/S/UFT2x3RuCkBV86FjLCKQ/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/HIbp5SgxQB9Zt2Ht49OVEkJ8WQ0=/0x0:620x413/100x100/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/J/S/UFT2x3RuCkBV86FjLCKQ/breitling-relogios-gq.jpg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
c4eba1dc71e28457f655d97a4b5882afc4cc977f94c2c9e508adb11ac7d325e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
793123115 ra03 11 07
age
1768781
x-cache-server
thumbor/nginx-cache
content-length
4970
x-cached
HIT
x-request-id
b43aaf00-d2d6-4569-ab00-e14072fb9495
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"f8bdf9bdcf6d2746320dc27fb0c7ecfad7f1d60f"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 12 Jan 2024 22:15:41 GMT
taxa-preservacao-ambiental-ubatuba-gq.jpg
s2-gq.glbimg.com/9Bn4b78SFZ9s80YDM7eiC8sf8fI=/0x0:1024x681/100x100/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/B/b/yNFTfQQiiNcUYvpPPrlQ/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/9Bn4b78SFZ9s80YDM7eiC8sf8fI=/0x0:1024x681/100x100/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/B/b/yNFTfQQiiNcUYvpPPrlQ/taxa-preservacao-ambiental-ubatuba-gq.jpg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
63b7f35b863accd55d7233b8134486a73a7e3158d420e50891fe05e171efe33c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
798862777 ra03 11 07
age
52177
x-cache-server
thumbor/nginx-cache
content-length
5101
x-cached
HIT
x-request-id
07b09f50-4e7c-4bcf-be22-27caf4a3a0e4
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"3eb89947afc0b53df5dcf80a40c53c8ac1ce8d9d"
vary
Origin, Accept
content-type
image/avif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 01 Feb 2024 15:18:35 GMT
gq141-motymanobrown-pedrodimitrow-5.jpg
s2-gq.glbimg.com/hM04vgNkKC3ei8BSm2o3PEvpe7g=/0x0:1800x1440/100x100/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/v/c/GwnleyQl6G00oA2g8Nxg/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/hM04vgNkKC3ei8BSm2o3PEvpe7g=/0x0:1800x1440/100x100/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/v/c/GwnleyQl6G00oA2g8Nxg/gq141-motymanobrown-pedrodimitrow-5.jpg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
43aca9eaaa6979c0921402b48ea237e6ab903558a3a054b1f6366d3dfa230a0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
793503469 ra03 11 07
age
52177
x-cache-server
thumbor/nginx-cache
content-length
6005
x-cached
MISS
x-request-id
a1ec335d-6c19-473c-8ccc-7bd45b09ffb1
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"62eb686e2ed497c6c9f5f1c9bb23632d284131ab"
vary
Origin, Accept
content-type
image/avif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 01 Feb 2024 19:33:18 GMT
fernando-diniz-selecao-2.jpg
s2-gq.glbimg.com/6sh3yGmO6qUJRjc2FDhaZWs63o0=/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/s/C/Rha2PBQfWEdOfSmXI4fg/ 		300 KB
301 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/6sh3yGmO6qUJRjc2FDhaZWs63o0=/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/s/C/Rha2PBQfWEdOfSmXI4fg/fernando-diniz-selecao-2.jpg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
1400784a68cb4eae097b868fb71f712ec7132ac92b3847eb48219e886c943d3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
799705805 ra03 11 07
age
1001326
x-cache-server
thumbor/nginx-cache
content-length
307181
x-cached
HIT
x-request-id
ea24f77a-ff89-4821-b615-611b42518e2f
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"03cc3f43969cd8dfa1bdeb47a04ff44e8860dd67"
vary
Origin, Accept
content-type
image/avif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sun, 21 Jan 2024 18:03:39 GMT
snapinsta.app-412153591-1054136839232954-8842393878464022616-n-1080.jpg
s2-gq.glbimg.com/IrrvLu3MXhvfeJdbd2VBOTxie70=/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/Y/V/dOCcZLQQ65MLdcARtUog/ 		150 KB
150 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/IrrvLu3MXhvfeJdbd2VBOTxie70=/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/Y/V/dOCcZLQQ65MLdcARtUog/snapinsta.app-412153591-1054136839232954-8842393878464022616-n-1080.jpg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
813d6b47814a757010a8ba6091e503dc97ac1391b93d7090538aadda7bc7cd85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
798543044 ra03 11 07
age
1001326
x-cache-server
thumbor/nginx-cache
content-length
153441
x-cached
HIT
x-request-id
1962659a-b0f2-4214-a307-a85d750a1292
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"5b5f0c66a92d0b89925def6986233170a5645ac2"
vary
Origin, Accept
content-type
image/avif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sun, 21 Jan 2024 18:02:55 GMT
sp100338.png
s2-gq.glbimg.com/6_K5HPBIyRF2y8U4svCXWbtW4bs=/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/v/s/4jOBuyRWG57mz5Fsz9XA/ 		881 KB
882 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/6_K5HPBIyRF2y8U4svCXWbtW4bs=/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/v/s/4jOBuyRWG57mz5Fsz9XA/sp100338.png
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
854b8d9e537803c426ea2461ef169a2ae14d12f6962d109281f8d53946fea2b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
799675172 ra03 11 07
age
1001326
x-cache-server
thumbor/nginx-cache
content-length
901901
x-cached
HIT
x-request-id
6fadbd24-7471-4a4b-8f8e-aad678505bfc
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"444a9cf111bd55e1bf54cd88580833607e30f352"
vary
Origin, Accept
content-type
image/avif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sun, 21 Jan 2024 17:33:01 GMT
rcz-0689.jpg
s2-gq.glbimg.com/jgzAl9lKOByu9MujDw_P5EDmNAY=/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/2/x/vAJFhdQYOkBmeItzgZxA/ 		664 KB
665 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/jgzAl9lKOByu9MujDw_P5EDmNAY=/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/2/x/vAJFhdQYOkBmeItzgZxA/rcz-0689.jpg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
387ae1140b5a04c2ed990b6290cd2f75ae96680ac56c736d44db4a54e9fa944b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
796342754 ra03 11 07
age
1001327
x-cache-server
thumbor/nginx-cache
content-length
680118
x-cached
HIT
x-request-id
ee8cf422-a743-41a8-91b7-12007392dc1b
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"7b59f6425b507acd4619d85192e1b1789d843ea5"
vary
Origin, Accept
content-type
image/avif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sun, 21 Jan 2024 19:14:10 GMT
ledspfw-n56.jpg
s2-gq.glbimg.com/po7O9MXvdCYmTN2TwAH5SW7JAhA=/0x0:1600x2000/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/O/5/74gAfXR5KYDM1w2I9Fxg/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/po7O9MXvdCYmTN2TwAH5SW7JAhA=/0x0:1600x2000/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/O/5/74gAfXR5KYDM1w2I9Fxg/ledspfw-n56.jpg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
06b2050ae62b0a1f9db2edf537cbd800a9b75915ba3a42e45573ffb0d9230599

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
798699725 ra03 11 07
age
47747
x-cache-server
thumbor/nginx-cache
content-length
32436
x-cached
HIT
x-request-id
7a440bd5-6894-4be2-862b-4a8903630970
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"fd5e820027ec3cd7073133b0ed056e93527a8661"
vary
Origin, Accept
content-type
image/avif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 01 Feb 2024 19:14:58 GMT
header-jubba-moty.jpeg
s2-gq.glbimg.com/ULylGvJEfyayHzsBA6PVnhFiMWs=/0x0:620x413/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/d/V/HGKcBNSZGaw5EaSLjyrA/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/ULylGvJEfyayHzsBA6PVnhFiMWs=/0x0:620x413/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/d/V/HGKcBNSZGaw5EaSLjyrA/header-jubba-moty.jpeg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
7c4a10dcc500424a1c3ecca481420214f32c060092dd12168ee38ac844fc2ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
796195284 ra03 11 07
age
1265678
x-cache-server
thumbor/nginx-cache
content-length
12126
x-cached
HIT
x-request-id
cb90d56d-a180-43a2-8670-103b8e95c5b1
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"2eddc5c721b5284b56d5ec6d8c7cc29573d7463e"
vary
Origin, Accept
content-type
image/avif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 18 Jan 2024 17:02:41 GMT
cleo-3-.png
s2-gq.glbimg.com/-YU-n7ebGwIx9qNIzi5VzgMQJ1g=/0x0:1920x1280/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/k/M/nZrCyqRba4B5DyuPNdCQ/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/-YU-n7ebGwIx9qNIzi5VzgMQJ1g=/0x0:1920x1280/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/k/M/nZrCyqRba4B5DyuPNdCQ/cleo-3-.png
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
47a6f2faca095adfb6b040e84a6c1b18853adfe9f083339730c23e4d0393e1c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
793471143 ra03 11 07
age
1000476
x-cache-server
thumbor/nginx-cache
content-length
11444
x-cached
HIT
x-request-id
27bbfc10-4f00-4919-99a2-c0ef80ac8e18
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"68d4c893a013395d273e16d923701bcc85ac5dbc"
vary
Origin, Accept
content-type
image/avif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sun, 21 Jan 2024 18:06:51 GMT
mixcollage-07-dec-2023-01-26-pm-5405.jpg
s2-gq.glbimg.com/1VQV2_96yVMeQyuseW0gotFRDmA=/0x0:3508x1973/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/t/5/gsxea8TKuu2SU9LMgRng/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/1VQV2_96yVMeQyuseW0gotFRDmA=/0x0:3508x1973/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/t/5/gsxea8TKuu2SU9LMgRng/mixcollage-07-dec-2023-01-26-pm-5405.jpg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
f658780ff4e0ec7b60e3e7a55549d6b31536ac878493ae579d7a75e53adcd978

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
797595535 ra03 11 07
age
1000476
x-cache-server
thumbor/nginx-cache
content-length
20564
x-cached
HIT
x-request-id
4d702666-670b-4f0b-bce4-b59bbf387734
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"3663b652b9e9bd0e294b2cf2a70aef373c10178e"
vary
Origin, Accept
content-type
image/avif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sun, 21 Jan 2024 17:24:00 GMT
header-site-menor-1-1-.jpg
s2-gq.glbimg.com/a0ZVITKlsEYuh-cN8_5s6GKV1To=/0x0:620x413/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/a/r/s6DgsxS6AvT9BAIg0Ucg/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/a0ZVITKlsEYuh-cN8_5s6GKV1To=/0x0:620x413/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/a/r/s6DgsxS6AvT9BAIg0Ucg/header-site-menor-1-1-.jpg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
0152bd2a790c685e9094cfc5b087cfd6d96d3a233e99e4ce3badcff8a9e17854

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
795627929 ra03 11 07
age
1768781
x-cache-server
thumbor/nginx-cache
content-length
17012
x-cached
HIT
x-request-id
8b97b9ed-abb1-4312-b067-6ed77238d2f0
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"05c2405025159361127fa9fd5c100f5a7373e3f2"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 12 Jan 2024 22:15:41 GMT
header-site-menor-6-.jpg
s2-gq.glbimg.com/vWghY-emmGZwqv_bqDtK85UYg1Q=/0x0:620x413/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/6/J/syRn84TKWVLsT1wsqfGg/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/vWghY-emmGZwqv_bqDtK85UYg1Q=/0x0:620x413/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/6/J/syRn84TKWVLsT1wsqfGg/header-site-menor-6-.jpg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
5ae725510297fb91c428a7669079926ad709f0526c39341d056611dbb2be4eb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
799575050 ra03 11 07
age
1768781
x-cache-server
thumbor/nginx-cache
content-length
9414
x-cached
HIT
x-request-id
f2084726-81fb-45ad-8f09-384115928e9e
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"6e0d85cef32e472cb45cc58ab9fa3b623127230d"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 12 Jan 2024 22:20:08 GMT
header-site-menor-2.jpg
s2-gq.glbimg.com/Bv18buOq9Q2asqIr22F1U4g1d4Y=/0x0:620x349/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/K/B/NpuANIQIyilgBpcbURQA/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/Bv18buOq9Q2asqIr22F1U4g1d4Y=/0x0:620x349/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/K/B/NpuANIQIyilgBpcbURQA/header-site-menor-2.jpg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
b7a00c9d4dabb90adc79877ff34fc831de5393a7b938e1f4f7c3325cbdbd6e87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
800131124 ra03 11 07
age
1000476
x-cache-server
thumbor/nginx-cache
content-length
7701
x-cached
HIT
x-request-id
26077554-a2e2-4fbb-a8ac-fc49d0bf34f0
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"c7cb8e58a32dd001fd00be38e27770cde1227a65"
vary
Origin, Accept
content-type
image/avif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sun, 21 Jan 2024 18:00:53 GMT
junior-defante-moty-gq.jpg
s2-gq.glbimg.com/49HL-AA75LEGcCAnNeU_Ky7EREE=/0x0:1593x1385/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/I/p/dEIKxrQyqTvBdQBz9cNA/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/49HL-AA75LEGcCAnNeU_Ky7EREE=/0x0:1593x1385/540x304/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/I/p/dEIKxrQyqTvBdQBz9cNA/junior-defante-moty-gq.jpg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
8ecc3827389f4c86cb8d5c5d3c5926d7e16268aaafef093ab3e124876e1f0813

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
800000702 ra03 11 07
age
1000476
x-cache-server
thumbor/nginx-cache
content-length
24576
x-cached
HIT
x-request-id
8b7aed3c-9f75-44be-b6e6-3873cf36ab4c
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"74c113f7a6cee6d478836d38ee173e27b9e3083f"
vary
Origin, Accept
content-type
image/avif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sun, 21 Jan 2024 18:39:50 GMT
stallone.jpeg
s2-gq.glbimg.com/PbYACEq2AEF09eRSvMo7f01l12s=/0x0:800x450/280x160/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/2/Q/GZZMFxRnOEVemHs5UczA/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/PbYACEq2AEF09eRSvMo7f01l12s=/0x0:800x450/280x160/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/2/Q/GZZMFxRnOEVemHs5UczA/stallone.jpeg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
95035af12e7364165cfd8733ce106f01f5c40ec64b5d6b3cb033404e99eb2292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
797225724 ra03 11 07
age
1768365
x-cache-server
thumbor/nginx-cache
content-length
7122
x-cached
MISS
x-request-id
fcd3a794-f03a-4815-8a72-4ee4569d3331
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"52643a1d7d42a7bccf743455e95baf7f979d9b0b"
vary
Origin, Accept
content-type
image/webp
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Fri, 12 Jan 2024 22:50:10 GMT
ciclista-bonito-na-bicicleta-de-verao-andando.jpg
s2-gq.glbimg.com/x2ASSD90xdknilB93XH8Io_R0UM=/0x0:6048x4032/280x160/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/t/k/uBCjDRSrivnFn3Svqjpg/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/x2ASSD90xdknilB93XH8Io_R0UM=/0x0:6048x4032/280x160/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/t/k/uBCjDRSrivnFn3Svqjpg/ciclista-bonito-na-bicicleta-de-verao-andando.jpg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
064a772ccd1d039c8b5a1f89c5127fd82c0f8d231d97abe44844a531b3640df6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
798925538 ra03 11 07
age
1000476
x-cache-server
thumbor/nginx-cache
content-length
5181
x-cached
HIT
x-request-id
8007f4cb-5132-45c4-9482-cfd781e4bfd7
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"7d65d1e5f9ad9960c8b18251ab59f4235db740af"
vary
Origin, Accept
content-type
image/avif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sun, 21 Jan 2024 19:14:26 GMT
cafe-treino.jpeg
s2-gq.glbimg.com/lhTZYNkFVAFtO9SmcdF1G6xcLM4=/0x0:6000x4000/280x160/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/L/5/EloiOQTACR8dEO2KlaJA/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/lhTZYNkFVAFtO9SmcdF1G6xcLM4=/0x0:6000x4000/280x160/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/L/5/EloiOQTACR8dEO2KlaJA/cafe-treino.jpeg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
798eccb7180ba9b3c6c872d6a5b618e3c8b345940448a8a49ed1fc7b3f614d16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
796342751 ra03 11 07
age
1000476
x-cache-server
thumbor/nginx-cache
content-length
7402
x-cached
HIT
x-request-id
c5f9f573-4fc5-4176-ad0f-be68e404e374
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"26cd473ecbfa419b4b31feceb8ba731776e3d16f"
vary
Origin, Accept
content-type
image/avif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sun, 21 Jan 2024 17:57:22 GMT
adam.jpg
s2-gq.glbimg.com/XaFwfcgni0xmmxBKE1LgWDlFGPg=/0x0:715x429/280x160/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/3/X/SNYPBeQj6ced8bYZbzCw/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/XaFwfcgni0xmmxBKE1LgWDlFGPg=/0x0:715x429/280x160/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/3/X/SNYPBeQj6ced8bYZbzCw/adam.jpg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
58a92be9689dd093a3a3e264cf3db88295e260759302b6f2fe4a17faf0299913

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
799675174 ra03 11 07
age
1000476
x-cache-server
thumbor/nginx-cache
content-length
12516
x-cached
HIT
x-request-id
39d82345-4800-4647-b36c-49a65187cadc
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"6493938e5a2e71ceed6720238ac4bc89f1b2f0f3"
vary
Origin, Accept
content-type
image/avif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sun, 21 Jan 2024 19:14:10 GMT
transplante-capilar-luciano-camargo-lucas-lima.jpg
s2-gq.glbimg.com/TV6MdgR1PHfphmZmuUGbsGBsV7I=/smart/filters:strip_icc()/s2-gq.glbimg.com/4Hzg8xj5VCljhRvuyu4SeN5blMY%3D/600x0/filters%3Aquality%2850%29/https%3A//i.s3.glbimg.com/v1/AUTH_71a8fe14ac6... 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/TV6MdgR1PHfphmZmuUGbsGBsV7I=/smart/filters:strip_icc()/s2-gq.glbimg.com/4Hzg8xj5VCljhRvuyu4SeN5blMY%3D/600x0/filters%3Aquality%2850%29/https%3A//i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/v/2/ybz5x0QZyWYyLnG8P9VA/transplante-capilar-luciano-camargo-lucas-lima.jpg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
ecbd722c399d493daa752e0e478ad1d77349720bfb6bb274cdf079e62e641fa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
796712314 ra03 11 07
age
1000476
x-cache-server
thumbor/nginx-cache
content-length
10854
x-cached
HIT
x-request-id
df34658a-d4d2-44fe-aa3d-c651bac82527
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"7b3d58306a8e533b4eca8133ad36220f001f1484"
vary
Origin, Accept
content-type
image/avif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sun, 21 Jan 2024 19:17:49 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:54 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
826
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83fa68a77e0f9a0b-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sat, 06 Jan 2024 10:02:54 GMT
web
onesignal.com/api/v1/sync/d4b399a8-4a09-40fc-8096-4e5b8374755b/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/d4b399a8-4a09-40fc-8096-4e5b8374755b/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d750b4aef52ee08041bd9f344a4899b4187dcc064984192dafd038d0e09f15f9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
1123
cf-polished
origSize=5135
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
ef0358f8-11f8-46c3-a33d-d294c23b650f
x-runtime
0.032271
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"6513717eb4fc4231590df2b9c062bf9d"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
83fa68afcee19a0b-FRA
access-control-allow-headers
SDK-Version
expires
Wed, 03 Jan 2024 11:02:55 GMT
15688_gq.js
ads.rubiconproject.com/prebid/ 		397 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/15688_gq.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/gq/prod/lib-pub-core-gq-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash
469de723997ce6eb57df3a495db1be8cac72b9b275afb849906ffb9f82aafcb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
content-encoding
gzip
last-modified
Wed, 03 Jan 2024 08:40:38 GMT
server
Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
content-length
128519
expires
Wed, 03 Jan 2024 13:16:15 GMT
publicidade.css
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/css/prod/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/css/prod/publicidade.css
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/gq/prod/lib-pub-core-gq-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
4e5a8df78e43e83e6ca4b7af38833a508483d29e3c5332b7dc19a0ac9b27c692

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:54 GMT
content-encoding
gzip
x-openstack-request-id
txca27bfbc9ad841bf961d6-00659530cb
last-modified
Wed, 13 Sep 2023 18:42:19 GMT
x-thanos
0AB54009
vary
Accept-Encoding, Origin
content-type
text/css
x-timestamp
1694630538.09953
cache-control
public, max-age=180
x-trans-id
txca27bfbc9ad841bf961d6-00659530cb
x-request-id
85df6351-2480-4565-891e-2d2b175b5e95
1.tiny.js
static.infoglobo.com.br/paywall/js/ 		27 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/1.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.151.224.123 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
123.224.151.34.bc.googleusercontent.com
Software
/
Resource Hash
5afe98affdf49aa3bc7d6bf163f2bb26759f15df90322cb80e25b888d3afaa96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-location-rule
static - tiny.js
date
Wed, 03 Jan 2024 10:02:55 GMT
content-encoding
gzip
x-openstack-request-id
tx9c07949bc1ba425380392-0065950526
x-cache-status
HIT
supportspointer
true
x-trans-id
tx9c07949bc1ba425380392-0065950526
x-request-id
f96cb6e582332a584f66f864c6d20864
last-modified
Thu, 21 Dec 2023 17:21:10 GMT
vary
Accept-Encoding, Origin
x-served-from
infoglobo-router-gcp
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-timestamp
1703179269.71617
cache-control
max-age=600
charset
utf-8
expires
Wed, 03 Jan 2024 07:06:38 GMT
18.tiny.js
static.infoglobo.com.br/paywall/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/18.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.151.224.123 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
123.224.151.34.bc.googleusercontent.com
Software
/
Resource Hash
c0dfa41b2d4fa3807f0af808f79cfbad0375d767bbded26906bdefac0724a6a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-location-rule
static - tiny.js
date
Wed, 03 Jan 2024 10:02:55 GMT
content-encoding
gzip
x-openstack-request-id
tx00efd1b0e65142969a9fc-006584a82d
x-cache-status
HIT
supportspointer
true
x-trans-id
tx00efd1b0e65142969a9fc-006584a82d
x-request-id
8ce57f40ad3ea25447b7f629e14c28a0
last-modified
Thu, 21 Dec 2023 17:21:20 GMT
vary
Accept-Encoding, Origin
x-served-from
infoglobo-router-gcp
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-timestamp
1703179279.20494
cache-control
max-age=600
charset
utf-8
expires
Thu, 21 Dec 2023 21:13:43 GMT
load
experience.tinypass.com/xbuilder/experience/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=VnaP3rYVKc
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3d802214cdaf6276aa13b5b161820bbc80660cf9429124233334b07a2d7978e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
date
Wed, 03 Jan 2024 10:02:55 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Jan 2024 09:21:36 GMT
server
cloudflare
age
2479
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=1800
cf-ray
83fa68b19daf39da-FRA
alt-svc
h3=":443"; ma=86400
x-request-id
xxomxjpi14
expires
Wed, 03 Jan 2024 10:32:55 GMT
advertising.js
www.npttech.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/1.tiny.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9bd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
x-amz-version-id
AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SWQCGAQZP7WJA131
age
2835
alt-svc
h3=":443"; ma=86400
x-amz-id-2
j/As3g5Vs+OcyIEmUyw7yHQOlya/i6h9mxz2hP5TWjGxT9v9NTOq1K0EdKuYQO4A7bm2yTPCpzA=
last-modified
Tue, 18 Oct 2022 13:20:01 GMT
server
cloudflare
etag
W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzV2u2ra6W8d3TAxmy4wSwo9jm9xrbzuon6x6zWpkxWtVIkTsRWW19JH2oj8c6lyOjbtHfmp1%2BMHQ255JEG3k6r1tPL76vBh5CWvSza%2FYcH7UHQycEjt1lHLoeaynyWEox7fG1C84Az5Rut1irA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
cf-ray
83fa68b1ded39277-FRA
api.min.js
p.glbimg.com/api/stable/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.glbimg.com/api/stable/api.min.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/5833c06a4657f2d06fb3e9a9b1b84849.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
171a128c043d930abdd29b98c54e26baa4c852db3404d78b948fe0ff948a4a19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-location-rule
barra-gcs
date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
798035243 ra03 11 07
age
42258
x-cache-status
HIT
content-length
12654
x-xss-protection
1; mode=block
x-request-id
0c42fbca-59d2-4fe2-bb5a-83a4f024da70
last-modified
Tue, 03 Jan 2023 00:49:51 GMT
x-thanos
0AB1D016
etag
W/"d82e539ab2fdc0f51354d1f15969ebbe"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/javascript; charset=utf-8
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Wed, 03 Jan 2024 22:18:38 GMT
gui.lightbox.min.js
s3.glbimg.com/cdn/libs/gui-lightbox/1.5.7/js/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/libs/gui-lightbox/1.5.7/js/gui.lightbox.min.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/5833c06a4657f2d06fb3e9a9b1b84849.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
47f0f7b5f1d27bc9c731cae83bf7a2ff5ef9ccd1b529976a9093ef6fae5868dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
content-encoding
gzip
x-openstack-request-id
tx3c33ba4d9d5d473fac481-00659530a3
last-modified
Mon, 30 Apr 2018 13:52:13 GMT
x-thanos
0AB54009
vary
Accept-Encoding, Origin
content-type
application/x-javascript
x-timestamp
1525096332.76449
cache-control
public, max-age=180
x-trans-id
tx3c33ba4d9d5d473fac481-00659530a3
x-request-id
def6435a-60f8-4c21-95a1-c0857ca33b32
gui.lightbox.min.css
s3.glbimg.com/cdn/libs/gui-lightbox/1.5.7/css/ 		33 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/libs/gui-lightbox/1.5.7/css/gui.lightbox.min.css
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/5833c06a4657f2d06fb3e9a9b1b84849.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
15a2c119963d6bf7f267006258b5ee21f4c9515a368d3988bd9992e9324effc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
content-encoding
gzip
x-openstack-request-id
txc58f984aa4d541b694723-0065953040
last-modified
Mon, 30 Apr 2018 13:50:26 GMT
x-thanos
0AB54009
vary
Accept-Encoding, Origin
content-type
text/css
x-timestamp
1525096225.59397
cache-control
public, max-age=180
x-trans-id
txc58f984aa4d541b694723-0065953040
x-request-id
007e6d7c-677a-4575-a670-42371b400f80
header-site-home.jpg
s2-gq.glbimg.com/MSysS6psWgceLIUDdbjzzpbOuf4=/45x0:1145x619/1200x600/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/g/r/x0PLgfQLe9q3OYdmH... 		111 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2-gq.glbimg.com/MSysS6psWgceLIUDdbjzzpbOuf4=/45x0:1145x619/1200x600/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/g/r/x0PLgfQLe9q3OYdmHXvw/header-site-home.jpg
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
d130a4cf6261f982a97d3b4bcbfe2c9732e59ca6fd39418c21b9fbb6c77db830

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
via
2.0 CachOS
x-bip
799705807 ra03 11 07
age
420406
x-cache-server
thumbor/nginx-cache
content-length
113841
x-cached
HIT
x-request-id
f4753ee0-c0da-4cc8-b739-d8f023df1d61
x-forwarded-host
s2-gq.glbimg.com
x-thanos
0AB1D016
etag
"2679ece54738418ac16fe9d0c3013fcf7650f68d"
vary
Origin, Accept
content-type
image/avif
cache-control
max-age=2592000,public
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Sun, 28 Jan 2024 12:36:59 GMT
login-callback.ghtml
gq.globo.com/ Frame B21D
Redirect Chain
  • https://id.globo.com/auth/realms/globo.com/protocol/openid-connect/auth?client_id=revista-gq%40apps.globoid&redirect_uri=https%3A%2F%2Fgq.globo.com%2Flogin-callback.ghtml&state=33a00290-b247-441f-b...
  • https://gq.globo.com/login-callback.ghtml
345 B
845 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gq.globo.com/login-callback.ghtml
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/5833c06a4657f2d06fb3e9a9b1b84849.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
201.7.177.252 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
956bd91287fd5d85b711fd51418e53c6eeb3536134044ce39f67fb20938e160c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=10
content-encoding
gzip
content-length
244
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 03 Jan 2024 10:02:56 GMT
expires
Wed, 03 Jan 2024 10:03:06 GMT
show-page-version
0
vary
X-Forwarded-Proto, User-Agent, Accept-Encoding
via
2.0 CachOS
wall-blocked-session
0
wall-subscription-level
0
wall-usl-status
x-bip
71432843 cmad07lx21ca04.globoi.com
x-cache-status
MISS
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-location-rule
ghtml
x-mobile
desktop
x-request-id
69f030d2-280f-45b2-b786-4cfca6b7b014
x-served-from
rpaas-multi-domain-edg3-prod, Show Services GCP
x-thanos
0A82BC06
x-virtual-host
gq.globo.com
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since, framework_version_header, system_version_header, platform_header, app_id_header, access_header, globoid_connect_apikey
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, must-revalidate, max-age=0
content-length
0
date
Wed, 03 Jan 2024 10:02:56 GMT
location
https://gq.globo.com/login-callback.ghtml#error=login_required&state=33a00290-b247-441f-bcd8-cf924fa7ac03
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
x-xss-protection
1; mode=block
horizon-client-js.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-client-js.min.js
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/gl/ba/js/barra-globocom.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
content-encoding
gzip
x-openstack-request-id
txacd9ce28be644ab599b77-0065952f55
last-modified
Fri, 13 Nov 2020 17:21:38 GMT
x-thanos
0AB54009
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1605288097.88717
cache-control
public, max-age=600
x-trans-id
txacd9ce28be644ab599b77-0065952f55
x-request-id
4ed13182-5ef1-4473-a4f7-e85f34bad803
glb-pv-min.js
s.glbimg.com/bu/rt/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/bu/rt/js/glb-pv-min.js
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/gl/ba/js/barra-globocom.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-location-rule
barra-gcs
date
Wed, 03 Jan 2024 10:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
2.0 CachOS
x-bip
795376425 ra03 11 07
age
42260
x-cache-status
HIT
content-length
945
x-xss-protection
1; mode=block
x-request-id
41f3fcc3-539a-4b85-b1c1-3dc62f760560
last-modified
Fri, 11 Nov 2022 21:36:41 GMT
x-thanos
0AB1D016
etag
W/"aaaef25ae81d7253ced007ce6451d65e"
vary
Accept-Encoding, Origin
x-served-from
estaticos-gcp-prod
content-type
text/javascript; charset=utf-8
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Wed, 03 Jan 2024 22:18:35 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6035227/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Server
18.239.83.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-91.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 07:02:37 GMT
via
1.1 ca0e18fe48e6994b3446a58a1e05c1ce.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:48 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P5
age
10931
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
0
x-amz-cf-id
kRg8KIXypZSaVaC4N6PVI6IekKTocgWocK2LuuorAMzQVM8AwgB0GQ==

Redirect headers

date
Wed, 03 Jan 2024 10:02:56 GMT
via
1.1 ca0e18fe48e6994b3446a58a1e05c1ce.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
ErfMa2bojJlUaOopk_-ZfDfGRW4LcX0-IswZnc7IAZogbr1wyOoIyw==
logo_globoplay.svg
s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/logos/globoplay/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/logos/globoplay/logo_globoplay.svg
Requested by
Host: barra.globo.com
URL: https://barra.globo.com/gl/ba/oidcprodutos/css/barra-globocom.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
c637bc70cc671cda4cc4885f7b5f53537f9ded298f7ddcb6a784ca244606f0ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://barra.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
content-encoding
gzip
x-openstack-request-id
tx57e1b3498f0347a3af36e-00659530a2
last-modified
Mon, 17 Oct 2022 13:20:36 GMT
x-thanos
0AB54009
vary
Accept-Encoding, Origin
content-type
image/svg+xml
x-timestamp
1666012835.41302
cache-control
public, max-age=180
x-trans-id
tx57e1b3498f0347a3af36e-00659530a2
x-request-id
46e549ed-803f-4d1b-a826-dc8a96ecb2e5
p
sb.scorecardresearch.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=6035227&ns__t=1704276175341&ns_c=UTF-8&c8=GQ%20%7C%20Seu%20Guia%20de%20Moda%20Masculina%2C%20Cultura%20e%20Lifestyle&c7=https%3A%2F%2Fgq.globo.com%2F&c9=
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-91.ams58.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
via
1.1 ca0e18fe48e6994b3446a58a1e05c1ce.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
7PP-dMQQBDaHe0cFfoKDEjI4IYeHELV4buoHRhMXkC6u5Po2y9TQjA==
esp.js
cdn.id5-sync.com/api/1.0/ 		152 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Dec 2023 12:57:20 GMT
server
cloudflare
x-amz-request-id
N1Q6XNMTB1RT927G
age
1677
etag
W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
83fa68b54dcc2c19-FRA
x-amz-id-2
H5yLzTS5rv+zfAJ5GHpITZE7EAwxhirbEOBmJ+YCokkf7tagMf3Cx7FYsKZxkb/38g29R0nBoyQ=
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:d600:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6310
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230088-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=plMsY3oVN9OukPnDLiYhHa5xz010wVmBmcQwjZi2%2F7M%2BCeg%2BYLoEij5qq4JH%2FASvzTsOduk45b5R%2BwhRahWlHtX2OjhNO7xWSxbRYGgKNtH%2FSXJGturUozPrL5ts1tDnD3fjBvWynJHQfXi7uDM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
83fa68b5afb519ad-FRA
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 18:27:07 GMT
content-encoding
gzip
age
2388949
x-guploader-uploadid
ABPtcPrGkX9WdEfraM_2GOgvO4XFku4h6LV8hSZGRCBWDldVHkLv6s4LjI-J4Ekw5y2K4Y2B5aE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 05 Dec 2024 18:27:07 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
30fe2b25061c04e45888d4eccbe63e113ad09715a8ee40d87485f188a526aa2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 21 Dec 2023 07:50:16 GMT
server
nginx
etag
W/"6583ee38-a9b8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 04 Jan 2024 10:02:56 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 05:47:04 GMT
content-encoding
gzip
via
1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
15944
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
24yPZBY1UWlLfAqfS3LcTSCDTFDg75o2FEDsR2rTFMBXbLIdA2EV7w==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
0e9e5d0b696c1ec8ee6872059d5a173f
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
ads
securepubads.g.doubleclick.net/gampad/ 		25 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1010768330327728&correlator=145814403785538&eid=31079958%2C31079783%2C21065724&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&iu_parts=85042905%2Cgq%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250%7C970x150%7C1190x250%7C1190x150&ifi=1&didk=557148462&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704276175371&lmt=1704276175&adxs=436&adys=342&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgq.globo.com%2F&vis=1&psz=1600x250&msz=728x90&fws=0&ohw=0&ga_vid=320781341.1704276175&ga_sid=1704276175&ga_hid=376958401&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYidSa9swxSABSAghkEhkKCnB1YmNpZC5vcmcYidSa9swxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGInUmvbMMUgAUgIIZBIXCghydGJob3VzZRiJ1Jr2zDFIAFICCGQSGQoKdWlkYXBpLmNvbRiJ1Jr2zDFIAFICCGQSFAoFb3BlbngYidSa9swxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiI1Jr2zDFIAFICCGQ.&dlt=1704276172959&idt=1049&prev_scp=Editora.pos%3DTop%26rc%3Dpub-super-1_0&cust_params=ambient%3D%26tipo_pagina%3Dhome%26editora.random%3D7%26Editora.url%3D%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3Dfbd0f326-52ee-4f0d-825d-9e84db33a0ca%26permutive%3D%26permutive-id%3D%26ptime%3D1704276174376%26prmtvvid%3D%26prmtvwid%3D&adks=1339606424&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38e66d18b8e584c2ec683f5c09f668a7fb4d4994b4e33a54f904151d9761d313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10127
x-xss-protection
0
google-lineitem-id
6189000687
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138439598021
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1010768330327728&correlator=1703154641087108&eid=31079958%2C31079783%2C21065724&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&iu_parts=85042905%2Cgq%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=2&didk=3389147196&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704276175380&lmt=1704276175&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgq.globo.com%2F&vis=1&psz=1200x268&msz=266x0&fws=132&ohw=266&ga_vid=320781341.1704276175&ga_sid=1704276175&ga_hid=376958401&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYidSa9swxSABSAghkEhkKCnB1YmNpZC5vcmcYidSa9swxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGInUmvbMMUgAUgIIZBIXCghydGJob3VzZRiJ1Jr2zDFIAFICCGQSGQoKdWlkYXBpLmNvbRiJ1Jr2zDFIAFICCGQSFAoFb3BlbngYidSa9swxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiI1Jr2zDFIAFICCGQ.&dlt=1704276172959&idt=1049&prev_scp=Editora.pos%3DBox-Chamada-1&cust_params=ambient%3D%26tipo_pagina%3Dhome%26editora.random%3D7%26Editora.url%3D%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3Dfbd0f326-52ee-4f0d-825d-9e84db33a0ca%26permutive%3D%26permutive-id%3D%26ptime%3D1704276174376%26prmtvvid%3D%26prmtvwid%3D&adks=1991576862&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f87f3127514fd7faf0efe9ccea74308f11aef1e7cf2c7e0905498aa3c43f6b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12106
x-xss-protection
0
google-lineitem-id
6113331093
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138456723851
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1010768330327728&correlator=723891105824683&eid=31079958%2C31079783%2C21065724&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&iu_parts=85042905%2Cgq%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=3&didk=3389147197&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704276175385&lmt=1704276175&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgq.globo.com%2F&vis=1&psz=1200x268&msz=266x0&fws=132&ohw=266&ga_vid=320781341.1704276175&ga_sid=1704276175&ga_hid=376958401&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYidSa9swxSABSAghkEhkKCnB1YmNpZC5vcmcYidSa9swxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGInUmvbMMUgAUgIIZBIXCghydGJob3VzZRiJ1Jr2zDFIAFICCGQSGQoKdWlkYXBpLmNvbRiJ1Jr2zDFIAFICCGQSFAoFb3BlbngYidSa9swxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiI1Jr2zDFIAFICCGQ.&dlt=1704276172959&idt=1049&prev_scp=Editora.pos%3DBox-Chamada-2&cust_params=ambient%3D%26tipo_pagina%3Dhome%26editora.random%3D7%26Editora.url%3D%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3Dfbd0f326-52ee-4f0d-825d-9e84db33a0ca%26permutive%3D%26permutive-id%3D%26ptime%3D1704276174376%26prmtvvid%3D%26prmtvwid%3D&adks=669577487&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5f80ba474cd2d942d8f30e1777b370382de7abc4a142d0e346cb2e2575f7138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12079
x-xss-protection
0
google-lineitem-id
6113331093
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138458110305
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8828 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 10:02:55 GMT
expires
Thu, 02 Jan 2025 10:02:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gtm.js
www.googletagmanager.com/ 		278 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WP5C9ZV
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/gq/prod/lib-pub-relay-gq-latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e4adb1d732164e29f2aa6347013c50e377f74434fa686c7959d37b2684d1afe9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88138
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Jan 2024 10:02:56 GMT
ns.html
www.googletagmanager.com/ Frame 111C 		925 B
567 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-WP5C9ZV
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/gq/prod/lib-pub-relay-gq-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
344a3f20ef266859578f11065f8834b44db13f7df3b2b4c66533c16241f22be5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
247
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 10:02:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
container.html
28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EFC7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 10:02:55 GMT
expires
Thu, 02 Jan 2025 10:02:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6101 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 10:02:55 GMT
expires
Thu, 02 Jan 2025 10:02:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ns.html
www.googletagmanager.com/ Frame AFD9 		268 B
161 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-NXVN776&ancestors=GTM-WP5C9ZV&restrictions=&gtm.url=https%3A%2F%2Fgq.globo.com%2F
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-WP5C9ZV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.googletagmanager.com/ns.html?id=GTM-WP5C9ZV
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 10:02:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
ns.html
www.googletagmanager.com/ Frame 757C 		268 B
158 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-WSJ4QJD&ancestors=GTM-WP5C9ZV&restrictions=&gtm.url=https%3A%2F%2Fgq.globo.com%2F
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-WP5C9ZV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.googletagmanager.com/ns.html?id=GTM-WP5C9ZV
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 10:02:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
ns.html
www.googletagmanager.com/ Frame 9B6E 		268 B
158 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-M3GJS46&ancestors=GTM-WP5C9ZV&restrictions=&gtm.url=https%3A%2F%2Fgq.globo.com%2F
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-WP5C9ZV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.googletagmanager.com/ns.html?id=GTM-WP5C9ZV
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 10:02:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6101 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
431111
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Dec 2024 10:17:44 GMT
17656749964490476593
tpc.googlesyndication.com/simgad/ Frame 6101 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17656749964490476593?
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7aa2e57f4d824a5a7c0300853c4f988be1d8b444030878c67ea16aab7dc12507
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Wed, 03 Jan 2024 10:02:55 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50981
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 17:40:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 02 Jan 2025 10:02:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6101 		194 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62516
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Jan 2024 10:02:55 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EFC7 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
431111
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Dec 2024 10:17:44 GMT
2414406166278391652
tpc.googlesyndication.com/simgad/ Frame EFC7 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2414406166278391652?
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52e4b6d24bcbda905bd5e1701c6af6280763332dbb08b46310962331c8d478c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Wed, 03 Jan 2024 10:02:55 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21403
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 22:35:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 02 Jan 2025 10:02:55 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EFC7 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62516
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Jan 2024 10:02:55 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240103
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
052af0d6073dae1bb637d84bfc04381c7e09a4731ac81eafff94daaf636d6f83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
21720
x-jsd-version
1.0.1923
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-lga21954-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"631-E9cxJLK8RwGgcvhgj7GU+xAIIDA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2BnVEB5BmHI0MoOMUe09RXBYmqIOthbCREQuISwGpISk6YXWpm73y9Xdy%2FsSRnEgA6Kv74AwQT%2BH3mJ47HjKbP8JrwwsOq07eHwYQ9btJC%2F1dRBExpTgSobohApjyc23XSyX9UUWq4vFRciY23g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
83fa68b1bb442bd6-FRA
container.html
28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D498 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 10:02:55 GMT
expires
Thu, 02 Jan 2025 10:02:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
horizon-pageview
horizon.globo.com/auth-session/activity/gq/ 		0
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://horizon.globo.com/auth-session/activity/gq/horizon-pageview?object=https%3A%2F%2Fgq.globo.com%2F&Referrer=&tags=&client_version=0.3.11
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
strict-transport-security
max-age=60
content-length
0
x-served-from
hzt-tsuru
content-type
text/plain; charset=UTF-8
view
securepubads.g.doubleclick.net/pcs/ Frame 6101 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujOJoG3rsuHqpbMqM8DfzMryIb8p5FeswB9klNjubt04AgIPKWh7kavZ5YpgNL1H68vAtQCSJp5TpVSTEM5wCTLX6pQ8Jo1l94jWRxkWzWXneUK-k34BF9yTJVSJZZ0Q4G2HUhcrQONPlgMrTDHNsRciZgwcvUZtNGCbBQ_sBcEXNCov_B6oCgD5dNLmsEJD0mfJPA8-s2ytcfGkI0RQAeVSAXHUDwClGHF3E3t2BM882PryKXkJbmelm25lmO2vMCvVGSh1Id-30mZAPkbpIbOymlXIy14WIr_afP5_2-H1h5PGRC6Ix4MXveHTaL55p4coNjzzZDDbQ&sai=AMfl-YTsCwNtxcGMzBFiqZb2mbnwi-VZgn18rIjqgzJODvv7qo7jkW7FvMtsWahuyN48q1awB-hD6H_r3Nuz8yhUX4-530Jl4RsFQOduSgcto4Eqvz58Qn4-0QNs90e277SCBk-CaF7yfEwg8-eMhw6jR5NR&sig=Cg0ArKJSzBRu00Hd2cApEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 03 Jan 2024 10:02:55 GMT
semibold.woff2
s3.glbimg.com/cdn/fonts/opensans/ Frame 6101 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/semibold.woff2
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca

Request headers

Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
Origin
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
x-openstack-request-id
txc3c5db33bde84dd08e8f5-00659530cf
last-modified
Tue, 25 Jun 2019 17:36:47 GMT
x-thanos
0AB54008
etag
365c53275ca5dad1584b7e0bd3a46c1e
vary
Accept-Encoding, Origin
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484206.27623
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16172
x-trans-id
txc3c5db33bde84dd08e8f5-00659530cf
x-request-id
35d4978e-1ad6-4442-8b83-d3f881bdc585
regular.woff2
s3.glbimg.com/cdn/fonts/proximanova/ Frame 6101 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/proximanova/regular.woff2
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
961d2527913673b9488d10ca5f8ceb13ad768457a5918d1595b9fafbd8ad08a3

Request headers

Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
Origin
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
x-openstack-request-id
txe7ae3e313caa401489750-00659530cf
last-modified
Tue, 25 Jun 2019 17:42:57 GMT
x-thanos
0AB54008
etag
a28c6bf751afd0731507d904609fe5da
vary
Accept-Encoding, Origin
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484576.57450
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
20904
x-trans-id
txe7ae3e313caa401489750-00659530cf
x-request-id
ddde38b6-e2ec-43c5-bfa2-087e0917b91b
view
securepubads.g.doubleclick.net/pcs/ Frame 6101 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsveMrMjezBPOFcyJIrOWvjpTmYEd_LkoiuNn_rXg5fQw5fm2bwFMpZhrnA9r11hW6G2gwZumKkXIkvCMcq3Js9bnSEdxm0q7QRspqOvUxuZNoz_Y-A-Sny-n4cKdEyPUXp6e_rxg8-KNYhEoCHQ1n0UaJa7GkmO39y9qTlsNibKCc2zhUKh-gmY8e2viMNptBofyDtfFhczVdwA3f8W6rMjRfhA91mim7AmyPNqqh-TmnOxXSVeGe3biN9EFEuv6Mrgf6LxWI9n1sVDzYIP0keYg7pa0X8yvWH7k0LQhtAdVyzmQhgRoqQuvfxyrIfqKgP7R20chv8GT0hAlg&sai=AMfl-YQu5k7YbCNQM-0AToVQHSKRpSeRTpWFzRZTRcI0tqp4qayTs2_lCwqlK72Ck26J6Z9lmtmqBy82Kq4s0iXr2wSEeK6hm9_TwQ7uvWyEWHoz0CBl0WJ6kTj2ooKAwwpQtosqIUk4M5NGyJjEV1X1No39&sig=Cg0ArKJSzLkQvipA870HEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 03 Jan 2024 10:02:55 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EFC7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzeEi_TFvX6hvLJsbzBeHJt_ySWI2C_wNvIeDuTz8Zoym1WfnKrrBLSa3omwukkYpGkF0jNQiTHUhTqZt56miHDa_iFaBBYrSecS-M1s_ZvwrQ_5hGu5tLDIqDddKy9vf-3l5Bz-DtTkadRkLnU3kTfQlWspVZinxuT-GWFSj3LMfyu_GOiYmRbZ_rwyJb226uMEf1-PtvvM9oBzn5maexLNZUU8zV2i4vfj3wScPtXVKBfE8Z2pMcEsMC8-Ij2HBx0OI51BB1hBBpjlZYTXzlbZnepBINTEyx5QypGaAez4VHw9mIl5HSKNpgGbD_rUcgH-AtKYBCklA&sai=AMfl-YR3xv7jxS8tyJX1N5-s5_TmcJ6abZZ-G4I95zc7xwOgjbTeSO3NUI3b6BuMwclWg8HuubGk8wBhkfCtYlMOBu1scPFjvDZV8xcrNKe02oDVGsMtBrLs1rK9_V6Dxt7eqvSG1ZaAjezXko5gCfdCYus&sig=Cg0ArKJSzBIuqGVj-UFWEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 03 Jan 2024 10:02:55 GMT
semibold.woff2
s3.glbimg.com/cdn/fonts/opensans/ Frame EFC7 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/semibold.woff2
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca

Request headers

Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
Origin
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
x-openstack-request-id
txc3c5db33bde84dd08e8f5-00659530cf
last-modified
Tue, 25 Jun 2019 17:36:47 GMT
x-thanos
0AB54008
etag
365c53275ca5dad1584b7e0bd3a46c1e
vary
Accept-Encoding, Origin
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484206.27623
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16172
x-trans-id
txc3c5db33bde84dd08e8f5-00659530cf
x-request-id
b3221215-bfd7-4fcc-9803-9e08ee3ba6be
regular.woff2
s3.glbimg.com/cdn/fonts/proximanova/ Frame EFC7 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/proximanova/regular.woff2
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
961d2527913673b9488d10ca5f8ceb13ad768457a5918d1595b9fafbd8ad08a3

Request headers

Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
Origin
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
x-openstack-request-id
txe7ae3e313caa401489750-00659530cf
last-modified
Tue, 25 Jun 2019 17:42:57 GMT
x-thanos
0AB54008
etag
a28c6bf751afd0731507d904609fe5da
vary
Accept-Encoding, Origin
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484576.57450
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
20904
x-trans-id
txe7ae3e313caa401489750-00659530cf
x-request-id
7595b1f7-782a-4941-968e-76e2f9e01823
tinypass.min.js
cdn.tinypass.com/api/ 		388 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=VnaP3rYVKc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec18ebaedb655fd8c94eb9c8160e218920dbe41c7059171f06c03d0dedd5010a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
x-amz-version-id
0QIZetJ_7irXXHtLgdmNhkMj0U1YDIAl
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
4YQWDKQ4X13A4SS7
age
5574
x-amz-server-side-encryption
AES256
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
quVOiSXbQh0sXxJZHf0l4Dv6WhOe6vHo/0mx+oAzLmPSwKpzZJ6TcBxjZn67TQnZTCnB9Q7mZII=
last-modified
Tue, 19 Dec 2023 11:23:13 GMT
server
cloudflare
etag
W/"f8312bff3c7ba81de4b41efef3dbdb77"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
83fa68b66a5239da-FRA
expires
Wed, 03 Jan 2024 14:02:56 GMT
truncated
/ Frame 6101 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b780e13bb7d2087bc3eb60588f4bdc2c58305ad272f0b682834d5954a1797852

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame D498 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 23:00:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
39758
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Jan 2024 23:00:17 GMT
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame D498 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
Origin
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 22:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41480
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 03 Jan 2024 22:31:35 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D498 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
431111
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Dec 2024 10:17:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D498 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62516
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Jan 2024 10:02:55 GMT
truncated
/ Frame EFC7 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b5536f11666fcce98299b628a4838bd5b28934b117d17c293366d0045415019

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame EFC7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZoYtdcHgt1ne9ShXEuEUX9lOAUxmCRBaWbmqpqZFaRk-1cTcmXW1IWBOxY_Naod3d-SPM2ok_LI7V-vDEoZNj_qP4TWjLoG8QlHjY_GRuG93y6snVAitB_XmabjihPS7_i_VulHsHlZTy-N22HqI60-djCB6GoTjoEBPlp2aGmGLlMY90DOsRaOx3N8hwDe9qHmzy9GgBDB9FjUflqgyQ0Sa5FRzuFDBEclcvKMxMcLIHw5f0Kn3difXEG_t8P6cecHJ7xYp_uITA8Y0ADosCOEDPqzipCfoEQKMDhy34qKXIAg2ypKkTiscYGCq40dgzTYe_68LSgakOEA&sai=AMfl-YSYbvJVBzFgzisf99y4zmmkJK1tvIzs8AOJNg9TPJfjEV7Jyrmh9fF_FDsyLc8aoG2KrYnsRonRji0THnIczUZeKkemabpy5JoFpGMZvwQHSwLsqTz2kDIyYwFk3bjwAMiGua-XguqkDo679cfQBuE&sig=Cg0ArKJSzNAFRvZHzLRTEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 03 Jan 2024 10:02:55 GMT
index.html
s0.2mdn.net/dfp/539105/4514281875/1689278571217/Bill/ Frame A918 		80 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/539105/4514281875/1689278571217/Bill/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
517564a648e52fcce073bcfa37badfba4c16249fc03f959eb73e46fa1e9e5e4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
53586
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
gzip
content-length
19748
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 19:09:49 GMT
expires
Wed, 03 Jan 2024 19:09:49 GMT
last-modified
Thu, 13 Jul 2023 20:02:51 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame D498 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstM_ikqahbRwsUuYPUFfFuWQKN9OkfiMuqhTrv-Qoa9xODy8N3em1NSOLxM6NDZtcoNf808xZJxZxoejNLCc14pBe6db-L2kBrLPfxJnUoUHMhKN8CxAtUqJFEZusPSt-ZPjVkmhPlA7EXxb4o1Hksd_WbOyEqMX31yrPZUMzi6k1rstTBDbapZCmXfjfiZN5J3NCrkJocrxX7jiM5BOkt1Ad0UrMXymMTVkweEd97iNf4o79vc3pC0bbHjD_m1mnkbPnFTpI2vtaKO3NZKB7j7zQhqbsMIKsRjAb2Hu3ROe1AKbIbJh4VCcxnZn4VsGxGzdz0EVyPbwCF8Sb7fJ7-C4aKWJiJq7nfGaEdLXANzvalcuC8xxD4UWiY&sai=AMfl-YT6c_27vsmhhrY8UUz2tNvl8CK4hDkkZ7tiXmfgRHPFQE9T8C5b9Z8CxiklxQsSB4VjzZGCAJUoyQuZHlV_wZneWidcr68WQ_VDfPhPmwFMtuv5vEhzlauVgUeeDg_D4yPntKtmVCDSr6LjMeNrW7Y&sig=Cg0ArKJSzKYYBBOljBp1EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
DcmEnabler_01_243.js
s0.2mdn.net/879366/ Frame A918 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_243.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/539105/4514281875/1689278571217/Bill/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77a6e7584722f285dd6b3039728b6f1aab3948e60b4c26298600f1a5ee155bbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/539105/4514281875/1689278571217/Bill/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 09:05:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3416
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10603
x-xss-protection
0
last-modified
Fri, 27 Mar 2020 01:55:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 09:05:59 GMT
bill3.png
s0.2mdn.net/dfp/539105/4514281875/1689278571217/Bill/ Frame A918 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/539105/4514281875/1689278571217/Bill/bill3.png
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4a0a02f61301af57fa96ac6302fc3623adc60c1e151c77054fa87c97704b25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/539105/4514281875/1689278571217/Bill/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 02:33:37 GMT
x-content-type-options
nosniff
age
26958
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48616
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 20:02:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 02:33:37 GMT
bill2.png
s0.2mdn.net/dfp/539105/4514281875/1689278571217/Bill/ Frame A918 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/539105/4514281875/1689278571217/Bill/bill2.png
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b2e90b07d3810e2e9b98f6c69fc6054e5720706ce8a56b93f768135a629b944
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/539105/4514281875/1689278571217/Bill/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 19:50:48 GMT
x-content-type-options
nosniff
age
51127
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35100
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 20:02:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 03 Jan 2024 19:50:48 GMT
bill1.png
s0.2mdn.net/dfp/539105/4514281875/1689278571217/Bill/ Frame A918 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/539105/4514281875/1689278571217/Bill/bill1.png
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
853f89d8c03638382884ca2b33263ccb1756701fbab7f4a26a9f08da786b322f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/539105/4514281875/1689278571217/Bill/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 02:33:37 GMT
x-content-type-options
nosniff
age
26958
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35324
x-xss-protection
0
last-modified
Thu, 13 Jul 2023 20:02:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 02:33:37 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D498 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4Mg6luaul82NGDhU6i69LCLCOSv9rAQsGCDOooJMH6zAt2JaAY7r18kY97YHi1FtUL6xqR9-QCoA0d6QABBxBZ61yf5w3rAA5tQVynqnsETOhJoCLVPx1AmPCXIp0SaNtDAW5On1bIkgKS7ptHEeuznSURuWiA_tCoTrhic4CQ3bGcx4OqL8NO8uNswXeBbwyZHYRorFwNjVb6Wybu6rkuFVRqPTlpCOudvJXG-eEBHJezijO5fdtCt712rP16D4WwQPHWuD7SfsqCFlBiWSISkAeDDHLLUmRiPrYhdhmR8IawNzMq1lU5YdTFE9YtJGYmI1b4xpcin-PAsQIlMnlvtM5bs48B_TB8WViY9U&sai=AMfl-YQ2gyXpkUja3-kxbbLepMlscXGecl_vYZ1rieKsJ0PHI7eg9Qg9DpDaW3pD_F4YEmqbK__gvFaXieR9lSNxcPPbBftjbnGTW0WbpNk8dTa6Dd_XOhv2du_PuklRZ6NnRY2KzvDkoibQqCKUFpDMSR0&sig=Cg0ArKJSzAgocdjzuYcfEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 03 Jan 2024 10:02:55 GMT
increment
id5-sync.com/api/esp/ 		0
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://gq.globo.com
date
Wed, 03 Jan 2024 10:02:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgq.globo.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fgq.globo.com%2F&rid=esp&cc=1
85 B
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fgq.globo.com%2F&rid=esp&cc=1
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
f8c4db2b56d42875895a1f46a852f9260c30c3f7f3e9bd1c8fb7d6fa331b781b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-iiN9C5H3r+khgeAj9KPAslPzd/E"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gq.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 03 Jan 2024 10:02:56 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://gq.globo.com
location
/esp?url=https%3A%2F%2Fgq.globo.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
map
bcp.crwdcntrl.net/6/ 		60 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.10.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-10-251.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
810e30ed1b78cd1ece4262c601cd43372c766239e17baae3d6a89361851591e8

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:56 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache
x-server
10.45.2.124
access-control-allow-credentials
true
content-length
60
expires
0
syncframe
gum.criteo.com/ Frame 4683 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=gq.globo.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 10:02:56 GMT
server
Kestrel
server-processing-duration-in-ticks
302160
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
gtm.js
www.googletagmanager.com/ 		163 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NXVN776&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP5C9ZV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
690aff5fbae71df212e1b4d099cdf8e558048c8f78405ec71db1c58791c80d3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60803
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Jan 2024 10:02:56 GMT
gtm.js
www.googletagmanager.com/ 		164 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WSJ4QJD&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP5C9ZV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9404f378a176542a53e1824335ba817c91a37ae0d89ffe5d5ee43653afdb1a00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60677
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Jan 2024 10:02:56 GMT
gtm.js
www.googletagmanager.com/ 		160 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M3GJS46&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP5C9ZV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
25c910144bbd855cafbae20f862026b800fb5e38d85f02c5370e62130c9c774c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59868
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Jan 2024 10:02:56 GMT
ivc.js
gadasource.storage.googleapis.com/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gadasource.storage.googleapis.com/ivc.js
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 09:13:40 GMT
content-encoding
gzip
age
2956
x-guploader-uploadid
ABPtcPpd9-hoPerY_yiTeJ31hA7mT5gFR9ltKNevi43Fi7B3RhvzoMjQE-tnUI75aWRvAiN_FEuVvS_Glw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24321
last-modified
Mon, 02 Sep 2019 19:50:51 GMT
server
UploadServer
etag
"cdaa61cbc24c48191196b45b31a7e18b"
vary
Accept-Encoding
x-goog-generation
1567453851562424
x-goog-hash
crc32c=okr5pw==, md5=zaphy8JMSBkRlrRbMafhiw==
content-type
text/plain
cache-control
public, max-age=3600
x-goog-stored-content-length
24321
accept-ranges
bytes
expires
Wed, 03 Jan 2024 10:13:40 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 03 Jan 2024 10:02:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
JL/c84e/OMb34rrZkzfhRBhXRhc8ddC0la12Dp0hHAY7X/S62RbogSIVoIv59UYQbZ/TVU6L5jrsGpPNCsWlgA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
loader.js
cdn.taboola.com/libtrc/editoraglobonetwork/ 		922 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e79632edd9be8df96e2a000cd115229e1110f730476483b68f539b00ec054df9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
8VFbsr_CsROWAGoCyU1QRt4_ZF0Cy08L
content-encoding
gzip
via
1.1 varnish
date
Wed, 03 Jan 2024 10:02:56 GMT
x-amz-request-id
12MNBF77BPZ5MSAG
age
2037
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
38
x-amz-replication-status
FAILED
content-length
75714
x-amz-id-2
Bd8HRAUXXtmbr5vQvayMfxSBTCSRO0OEA5KUm+/M8xTP6aWlP/lnITG4r3yvqyBEpH9iG5N+M98=
x-served-by
cache-fra-eddf8230136-FRA
last-modified
Tue, 02 Jan 2024 19:40:08 UTC
server
nginx
x-timer
S1704276177.528090,VS0,VE12
etag
"bf9ccfd33d02594c135efd5e658a9c2d6b13d5d6"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
22
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
lib-pub-ext-tags-gq-latest.js
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/gq/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/gq/prod/lib-pub-ext-tags-gq-latest.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP5C9ZV
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
e3f422ae8bc9e4874e20a1d051cc2cde9a2e2f0e84d8a4ef84a82d90b3b5cc79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
x-openstack-request-id
txeac14f4d6f7949729019b-0065953035
last-modified
Tue, 07 Mar 2023 22:45:23 GMT
x-thanos
0AB54009
vary
Accept-Encoding, Origin
x-object-meta-mtime
1678228387.000000
content-type
application/javascript
x-timestamp
1678229122.73062
cache-control
public, max-age=180
x-trans-id
txeac14f4d6f7949729019b-0065953035
x-request-id
4cf83dfb-beb6-4429-b019-f79f7139477a
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1010768330327728&correlator=1528790370658408&eid=31079958%2C31079783%2C21065724&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&iu_parts=85042905%2Cgq%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=4&didk=3389147194&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D7578e3e765b282b5%3AT%3D1704276175%3ART%3D1704276175%3AS%3DALNI_MYs4CQJE547s6oPP6TH0tNWcVpOeQ&gpic=UID%3D00000d362729911d%3AT%3D1704276175%3ART%3D1704276175%3AS%3DALNI_MbbSW8Z4owWHaJ6d4r79DwM8qCm9g&abxe=1&dt=1704276176426&lmt=1704276176&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgq.globo.com%2F&vis=1&psz=1200x290&msz=266x0&fws=132&ohw=266&psts=AOrYGskSnMmir6GegA6RxewUv4wCPx58l9Ks84Lu3He_6ljp4DLMfrS5Dw1nrFgeK1fdATddb3zbu65hKdWR8AEM9AtO-w%2CAOrYGslvxTgclh6FtyUs3kLmSVjce8RlpwCiFgSH7zqb60Yb17HA_8vpQWoDhDvx8qdlJdU2s0ncaiNqizNYxdX8-RKzuw%2CAOrYGslx4y9YqyoAz-tlGeLWcQuEz4wCU_KkA-t9x5DlJ4F8o85Y6EFqsjCBwjrcwEwM0kzHlAqomq1-4pvtee_Ln54sjw&ga_vid=320781341.1704276175&ga_sid=1704276175&ga_hid=376958401&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYidSa9swxSABSAghkEjsKCnB1YmNpZC5vcmcSJDRlYjgzNDg0LTdmMmMtNDg4NS1hNjRjLWYyMDY4Y2FhYjkwYhiW25r2zDFIABIdCg5lc3AuY3JpdGVvLmNvbRiJ1Jr2zDFIAFICCGQSFwoIcnRiaG91c2UYidSa9swxSABSAghkEhkKCnVpZGFwaS5jb20YidSa9swxSABSAghkEhQKBW9wZW54GInUmvbMMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yj9ua9swxSABSAghq&dlt=1704276172959&idt=1049&prev_scp=Editora.pos%3DBox-Chamada-3&cust_params=ambient%3D%26tipo_pagina%3Dhome%26editora.random%3D7%26Editora.url%3D%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3Dfbd0f326-52ee-4f0d-825d-9e84db33a0ca%26permutive%3D%26permutive-id%3D%26ptime%3D1704276174376%26prmtvvid%3D%26prmtvwid%3D&adks=3862479879&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b060117282dbdaf1b1de16797bc69472778b30c2615492f0c9bf25af6105d1ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11914
x-xss-protection
0
google-lineitem-id
6113331093
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138458273165
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1010768330327728&correlator=42680366900939&eid=31079958%2C31079783%2C21065724&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&iu_parts=85042905%2Cgq%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=5&didk=3389147195&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D7578e3e765b282b5%3AT%3D1704276175%3ART%3D1704276175%3AS%3DALNI_MYs4CQJE547s6oPP6TH0tNWcVpOeQ&gpic=UID%3D00000d362729911d%3AT%3D1704276175%3ART%3D1704276175%3AS%3DALNI_MbbSW8Z4owWHaJ6d4r79DwM8qCm9g&abxe=1&dt=1704276176430&lmt=1704276176&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgq.globo.com%2F&vis=1&psz=1200x268&msz=266x0&fws=132&ohw=266&psts=AOrYGskSnMmir6GegA6RxewUv4wCPx58l9Ks84Lu3He_6ljp4DLMfrS5Dw1nrFgeK1fdATddb3zbu65hKdWR8AEM9AtO-w%2CAOrYGslvxTgclh6FtyUs3kLmSVjce8RlpwCiFgSH7zqb60Yb17HA_8vpQWoDhDvx8qdlJdU2s0ncaiNqizNYxdX8-RKzuw%2CAOrYGslx4y9YqyoAz-tlGeLWcQuEz4wCU_KkA-t9x5DlJ4F8o85Y6EFqsjCBwjrcwEwM0kzHlAqomq1-4pvtee_Ln54sjw&ga_vid=320781341.1704276175&ga_sid=1704276175&ga_hid=376958401&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYidSa9swxSABSAghkEjsKCnB1YmNpZC5vcmcSJDRlYjgzNDg0LTdmMmMtNDg4NS1hNjRjLWYyMDY4Y2FhYjkwYhiW25r2zDFIABIdCg5lc3AuY3JpdGVvLmNvbRiJ1Jr2zDFIAFICCGQSFwoIcnRiaG91c2UYidSa9swxSABSAghkEhkKCnVpZGFwaS5jb20YidSa9swxSABSAghkEhQKBW9wZW54GInUmvbMMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yj9ua9swxSABSAghq&dlt=1704276172959&idt=1049&prev_scp=Editora.pos%3DBox-Chamada-4&cust_params=ambient%3D%26tipo_pagina%3Dhome%26editora.random%3D7%26Editora.url%3D%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3Dfbd0f326-52ee-4f0d-825d-9e84db33a0ca%26permutive%3D%26permutive-id%3D%26ptime%3D1704276174376%26prmtvvid%3D%26prmtvwid%3D&adks=2873217945&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d12c00ca59622952f1c4364f911b58b69eac24889b3adf4510a70e32ae6d2c97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11919
x-xss-protection
0
google-lineitem-id
6113331093
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138458273165
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1010768330327728&correlator=1346687046050219&eid=31079958%2C31079783%2C21065724&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&iu_parts=85042905%2Cgq%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=6&didk=3389147192&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D7578e3e765b282b5%3AT%3D1704276175%3ART%3D1704276175%3AS%3DALNI_MYs4CQJE547s6oPP6TH0tNWcVpOeQ&gpic=UID%3D00000d362729911d%3AT%3D1704276175%3ART%3D1704276175%3AS%3DALNI_MbbSW8Z4owWHaJ6d4r79DwM8qCm9g&abxe=1&dt=1704276176434&lmt=1704276176&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgq.globo.com%2F&vis=1&psz=1200x290&msz=266x0&fws=132&ohw=266&psts=AOrYGskSnMmir6GegA6RxewUv4wCPx58l9Ks84Lu3He_6ljp4DLMfrS5Dw1nrFgeK1fdATddb3zbu65hKdWR8AEM9AtO-w%2CAOrYGslvxTgclh6FtyUs3kLmSVjce8RlpwCiFgSH7zqb60Yb17HA_8vpQWoDhDvx8qdlJdU2s0ncaiNqizNYxdX8-RKzuw%2CAOrYGslx4y9YqyoAz-tlGeLWcQuEz4wCU_KkA-t9x5DlJ4F8o85Y6EFqsjCBwjrcwEwM0kzHlAqomq1-4pvtee_Ln54sjw&ga_vid=320781341.1704276175&ga_sid=1704276175&ga_hid=376958401&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYidSa9swxSABSAghkEjsKCnB1YmNpZC5vcmcSJDRlYjgzNDg0LTdmMmMtNDg4NS1hNjRjLWYyMDY4Y2FhYjkwYhiW25r2zDFIABIdCg5lc3AuY3JpdGVvLmNvbRiJ1Jr2zDFIAFICCGQSFwoIcnRiaG91c2UYidSa9swxSABSAghkEhkKCnVpZGFwaS5jb20YidSa9swxSABSAghkEhQKBW9wZW54GInUmvbMMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yj9ua9swxSABSAghq&dlt=1704276172959&idt=1049&prev_scp=Editora.pos%3DBox-Chamada-5&cust_params=ambient%3D%26tipo_pagina%3Dhome%26editora.random%3D7%26Editora.url%3D%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3Dfbd0f326-52ee-4f0d-825d-9e84db33a0ca%26permutive%3D%26permutive-id%3D%26ptime%3D1704276174376%26prmtvvid%3D%26prmtvwid%3D&adks=2609018698&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e36404e27aaf8b46c5d9c37ad066e1a259e8611ff25ce2ad527e09e6dc875cc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11874
x-xss-protection
0
google-lineitem-id
6160545068
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138429733924
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1010768330327728&correlator=1309402394128499&eid=31079958%2C31079783%2C21065724&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&iu_parts=85042905%2Cgq%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=7&didk=4212400324&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D7578e3e765b282b5%3AT%3D1704276175%3ART%3D1704276175%3AS%3DALNI_MYs4CQJE547s6oPP6TH0tNWcVpOeQ&gpic=UID%3D00000d362729911d%3AT%3D1704276175%3ART%3D1704276175%3AS%3DALNI_MbbSW8Z4owWHaJ6d4r79DwM8qCm9g&abxe=1&dt=1704276176437&lmt=1704276176&adxs=100&adys=6728&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgq.globo.com%2F&vis=1&psz=1600x45&msz=1400x0&fws=0&ohw=0&psts=AOrYGskSnMmir6GegA6RxewUv4wCPx58l9Ks84Lu3He_6ljp4DLMfrS5Dw1nrFgeK1fdATddb3zbu65hKdWR8AEM9AtO-w%2CAOrYGslvxTgclh6FtyUs3kLmSVjce8RlpwCiFgSH7zqb60Yb17HA_8vpQWoDhDvx8qdlJdU2s0ncaiNqizNYxdX8-RKzuw%2CAOrYGslx4y9YqyoAz-tlGeLWcQuEz4wCU_KkA-t9x5DlJ4F8o85Y6EFqsjCBwjrcwEwM0kzHlAqomq1-4pvtee_Ln54sjw&ga_vid=320781341.1704276175&ga_sid=1704276175&ga_hid=376958401&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYidSa9swxSABSAghkEjsKCnB1YmNpZC5vcmcSJDRlYjgzNDg0LTdmMmMtNDg4NS1hNjRjLWYyMDY4Y2FhYjkwYhiW25r2zDFIABIdCg5lc3AuY3JpdGVvLmNvbRiJ1Jr2zDFIAFICCGQSFwoIcnRiaG91c2UYidSa9swxSABSAghkEhkKCnVpZGFwaS5jb20YidSa9swxSABSAghkEhQKBW9wZW54GInUmvbMMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yj9ua9swxSABSAghq&dlt=1704276172959&idt=1049&prev_scp=Editora.pos%3DDhtml&cust_params=ambient%3D%26tipo_pagina%3Dhome%26editora.random%3D7%26Editora.url%3D%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3Dfbd0f326-52ee-4f0d-825d-9e84db33a0ca%26permutive%3D%26permutive-id%3D%26ptime%3D1704276174376%26prmtvvid%3D%26prmtvwid%3D&adks=2706509149&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5213346629f7c07797cbaf797c61d6f645633c7c0d175279ef8a40d47b6976e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11882
x-xss-protection
0
google-lineitem-id
6358500223
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138441990852
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 4683
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=gq.globo.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=k4QZtXw0blpLVWF4VjEzRGlxd1p1STNtWldpSkhIR1F2QzBwS216SzNrUDg1ZmN5bFJQTy91N3FENEdpUHlsc2tHYmxOOU1tY1RoTWxyeG1UbjZsSzVjOXhaZnZESDQzVzRudTNoMTFVVFhJZEdDdWpjVjYrRkdETHhuRX...
419 B
663 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=k4QZtXw0blpLVWF4VjEzRGlxd1p1STNtWldpSkhIR1F2QzBwS216SzNrUDg1ZmN5bFJQTy91N3FENEdpUHlsc2tHYmxOOU1tY1RoTWxyeG1UbjZsSzVjOXhaZnZESDQzVzRudTNoMTFVVFhJZEdDdWpjVjYrRkdETHhuRXhmUTNIS1RBazNPT0l6cko5QlBIL0xTZ0RsbjJ1VDcxL1RrQjdjbys3SGlxOXR2dUozOFFLVCtreHRmemE1aTNiYVlac3JOYTFPczNacDNRR1VkWE5aNjlKcS81MDlOZjhuWUVIcWZPUDNRT3hibHh4VjN5bWtoRjEvc2tlR3ExRmg3b0JCa2o3NjZyUldibjBKYWZtdnBuS01zTFU2UT09fA&cppv=2
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
fed9dd3611052591444c4c9b088d411f4c61a5431fb9f12d1f40dbf6abe7f5db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:56 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1224495
expires
0

Redirect headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:56 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=k4QZtXw0blpLVWF4VjEzRGlxd1p1STNtWldpSkhIR1F2QzBwS216SzNrUDg1ZmN5bFJQTy91N3FENEdpUHlsc2tHYmxOOU1tY1RoTWxyeG1UbjZsSzVjOXhaZnZESDQzVzRudTNoMTFVVFhJZEdDdWpjVjYrRkdETHhuRXhmUTNIS1RBazNPT0l6cko5QlBIL0xTZ0RsbjJ1VDcxL1RrQjdjbys3SGlxOXR2dUozOFFLVCtreHRmemE1aTNiYVlac3JOYTFPczNacDNRR1VkWE5aNjlKcS81MDlOZjhuWUVIcWZPUDNRT3hibHh4VjN5bWtoRjEvc2tlR3ExRmg3b0JCa2o3NjZyUldibjBKYWZtdnBuS01zTFU2UT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
279194
content-length
0
expires
0
encrypt
esp.rtbhouse.com/ 		201 B
474 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
9deb4d2f74ba2509252fa0666e569eca079f4be0c39577d9de580599b98c5318

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
0d872fb3b2ae2c01cd3ecd6c9bfdf6ad
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With
content-length
201
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cx.cce.js
cdn.cxense.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:ba2::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Wed, 03 Jan 2024 10:02:56 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Dec 2023 11:02:02 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6055
Expires
Wed, 03 Jan 2024 11:02:56 GMT
execute
c2.piano.io/xbuilder/experience/ 		20 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=VnaP3rYVKc
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c376 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
957471e69f25d4f4d19ff6810590d0019eb04044f56cc2fe09ab616bd02bbeb1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-request-id
lcjmvb3x2j
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gq.globo.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
83fa68b73f8a1c13-FRA
lib-analytics-latest.js
s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-analytics/prod/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-analytics/prod/lib-analytics-latest.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSJ4QJD&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
877c319b8a36e65249be764ce80ef3891edd45848ba3627b95c7499feb0be48d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
x-openstack-request-id
txb8720ce72e384f5db2546-0065953060
last-modified
Tue, 23 May 2023 21:09:44 GMT
x-thanos
0AB54009
vary
Accept-Encoding, Origin
x-object-meta-mtime
1684872817.000000
content-type
application/javascript
x-timestamp
1684876183.22388
cache-control
public, max-age=180
x-trans-id
txb8720ce72e384f5db2546-0065953060
x-request-id
ebaaf2e4-dedf-49b1-8db2-c38a33c20811
cdb
bidder.criteo.com/ 		0
190 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=85931014196&lsavail=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://gq.globo.com
date
Wed, 03 Jan 2024 10:02:56 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		10 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=280390&zone_id=1398904&size_id=2&alt_size_ids=55%2C57&eid_pubcid.org=4eb83484-7f2c-4885-a64c-f2068caab90b%5E1&rf=https%3A%2F%2Fgq.globo.com%2F&tg_i.domain=gq.globo.com&tg_i.page=https%3A%2F%2Fgq.globo.com%2F&tg_i.adunit=85042905_gq%2Fhome&tg_i.aupname=%2F85042905.*%26.*super.*%26position%3Datf&tg_i.pbadslot=%2F85042905%2Fgq%2Fhome%23pub-super-2&tk_flint=dmpbjs_v8.23.0&x_source.tid=1013bd05-8240-4b12-92fd-0a4d5b8e9aa6&l_pb_bid_id=416bced14d0a2f&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=9ea8b672-c21f-4e9b-9282-1f7ab7e306fd&rp_maxbids=1&p_gpid=%2F85042905%2Fgq%2Fhome%23pub-super-2&slots=1&rand=0.7805031766910957
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
487fc68fee1d36804c442c5bb0e1ad81e0d90b4efa5b205bb8d792244c4c0371

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ 		0
334 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
164.132.25.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ip176.ip-164-132-25.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:56 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gq.globo.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bid
s.seedtag.com/c/hb/ 		7 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
4a27611ccc0fbc3ab700907de58105dea410633166202d4d4373bf79b675d428

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
via
1.1 google
server
openresty
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gq.globo.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
bid
s.seedtag.com/c/hb/ 		7 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
5c4eaa6a74eacf18f95554dd16022ef7c783a5c610685af054e25a175817ab34

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
via
1.1 google
server
openresty
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gq.globo.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v1
prg.smartadserver.com/prebid/ 		0
334 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
164.132.25.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ip176.ip-164-132-25.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:56 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gq.globo.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ 		0
190 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=44102064023&lsavail=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://gq.globo.com
date
Wed, 03 Jan 2024 10:02:55 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		10 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=280390&zone_id=1398904&size_id=2&alt_size_ids=55%2C57&eid_pubcid.org=4eb83484-7f2c-4885-a64c-f2068caab90b%5E1&rf=https%3A%2F%2Fgq.globo.com%2F&tg_i.domain=gq.globo.com&tg_i.page=https%3A%2F%2Fgq.globo.com%2F&tg_i.adunit=85042905_gq%2Fhome&tg_i.aupname=%2F85042905.*%26.*super.*%26position%3Datf&tg_i.pbadslot=%2F85042905%2Fgq%2Fhome%23pub-super-3&tk_flint=dmpbjs_v8.23.0&x_source.tid=95451b85-0c80-4bbc-8d49-c696b6f138d5&l_pb_bid_id=160d3e6d138af1a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=088e98d2-54f5-432b-8f36-29d9edc0c6a2&rp_maxbids=1&p_gpid=%2F85042905%2Fgq%2Fhome%23pub-super-3&slots=1&rand=0.3777885574057316
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5640ebdae015f7e5dc1092ca1e4d5272e957c89cf0bbbb95e98942e6cf5c3fdf

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
s.seedtag.com/c/hb/ 		11 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
via
1.1 google
server
openresty
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gq.globo.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v1
prg.smartadserver.com/prebid/ 		0
334 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
164.132.25.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ip176.ip-164-132-25.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:56 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gq.globo.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		15 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=280390&zone_id=1398912&size_id=15&eid_pubcid.org=4eb83484-7f2c-4885-a64c-f2068caab90b%5E1&rf=https%3A%2F%2Fgq.globo.com%2F&tg_i.domain=gq.globo.com&tg_i.page=https%3A%2F%2Fgq.globo.com%2F&tg_i.adunit=85042905_gq%2Fhome&tg_i.aupname=%2F85042905.*%26.*retangulo.*%26position%3Datf&tg_i.pbadslot=%2F85042905%2Fgq%2Fhome%23pub-retangulo-1&tk_flint=dmpbjs_v8.23.0&x_source.tid=0ceb0b56-62c4-479d-9acb-0d17ec0def5f&l_pb_bid_id=22f09dd298086c&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=d8742a5f-53b4-4c1e-ab0b-a52dd188d559&rp_maxbids=1&p_gpid=%2F85042905%2Fgq%2Fhome%23pub-retangulo-1&slots=1&rand=0.6029023049626447
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8fb13e7ff9b21f8833e49859d387eb09cd9b96608beaaae1152c1fd61514f5b4

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		0
191 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=64630248620&lsavail=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://gq.globo.com
date
Wed, 03 Jan 2024 10:02:55 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		139 B
701 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
351cc6c2876c759e858af234fcc3879499b44c2edb6f77807a6971fb6d55a2d6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:56 GMT
an-x-request-uuid
513e5496-2a03-4235-bb12-becda8bb7797
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gq.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.117.76; 146.70.117.76; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		15 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=280390&zone_id=1398912&size_id=15&eid_pubcid.org=4eb83484-7f2c-4885-a64c-f2068caab90b%5E1&rf=https%3A%2F%2Fgq.globo.com%2F&tg_i.domain=gq.globo.com&tg_i.page=https%3A%2F%2Fgq.globo.com%2F&tg_i.adunit=85042905_gq%2Fhome&tg_i.aupname=%2F85042905.*%26.*retangulo.*%26position%3Datf&tg_i.pbadslot=%2F85042905%2Fgq%2Fhome%23pub-retangulo-2&tk_flint=dmpbjs_v8.23.0&x_source.tid=a4a69284-6669-40d9-81d9-867b71bbedb4&l_pb_bid_id=280f4ffe193e627&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=c7a16f27-48ef-4913-ac7c-1e1bbc8f2de7&rp_maxbids=1&p_gpid=%2F85042905%2Fgq%2Fhome%23pub-retangulo-2&slots=1&rand=0.15366021561448595
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
cfc04e586c24e742d4778659627dee624f376a809572ee27dc9ee5f861e57ca5

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
s.seedtag.com/c/hb/ 		11 B
368 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
via
1.1 google
server
openresty
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gq.globo.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid
ib.adnxs.com/ut/v3/ 		145 B
961 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
d5d9331c6e3f64d37a293a56c8e953b79b163d59405d633f7c79b346f849e450
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:56 GMT
an-x-request-uuid
7e984930-d318-401b-9f6a-520311e6028a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gq.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.117.76; 146.70.117.76; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ 		0
334 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
164.132.25.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ip176.ip-164-132-25.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:56 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gq.globo.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ 		0
190 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=40622022575&lsavail=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://gq.globo.com
date
Wed, 03 Jan 2024 10:02:55 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
view
securepubads.g.doubleclick.net/pcs/ Frame CEB9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssS0F871npwivYtCo4OYNKQSltR1c_0QLuKROeYGYwecKfaytz58kVve0fHmARqVXppfavavZHVW3x3OAdSdZ4aVyqOZeQMTtbfEiijV_npLlWt9-hlEZzhGk76LrYGe-jNKXNo6gQEkVuiYYz_2mT7ucDSUBMekhxoQRtz8I_osJ625wUBKwQtFW7rHJydf4Rq6uYn7MKPFZtxHuA0PStMREA3-Q8mfgDp9DRDr2n_iwjHon3fVDh1YNshECukXihoHyUKdpqhpHLDvfOOkeRM4HHf0AqGxc7hpEM1SVXQb54Dpwv9VJ2xnlZFNHw7AhCwlZQd5g0OJbaXsaWS_6Dq_FehghzixQ&sai=AMfl-YRm0IdP1HrSKIPfW2uF6-Tc6kDj23o4bz-fn7Ne_HmZ7y4zxn7u3I9uPbB4huGaQwKGy25tysmCq91VB32lRX8cZ5bOF0HS4r-BuonVEbSMMeCAy3wwbO4VKdEOSA&sig=Cg0ArKJSzCVsu1MQxq4LEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
8442.js
go.trvdp.com/init/ Frame CEB9 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.trvdp.com/init/8442.js?pid=6714
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-88.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30d0b1a3b116fe306de4d03f47099694dd243baaaf559c39aa95a3e6c95ce9a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 21:42:55 GMT
content-encoding
gzip
via
1.1 e3175a7d38795328ac3444e1d56a9f4e.cloudfront.net (CloudFront)
last-modified
Thu, 18 May 2023 19:20:22 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P6
age
4969202
etag
W/"154dd817db4673702e483bbbcc17281f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
tMSKDI4qGS949iMG048zvshhWbVenLeWeFIOZ4cz3UtZrj_u25H1bQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CEB9 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62516
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Jan 2024 10:02:56 GMT
container.html
28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0F87 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 10:02:55 GMT
expires
Thu, 02 Jan 2025 10:02:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9D4A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 10:02:55 GMT
expires
Thu, 02 Jan 2025 10:02:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
i
ivccf.ivcbrasil.org.br/ 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivccf.ivcbrasil.org.br/i?stm=1704276176578&e=pv&url=https%3A%2F%2Fgq.globo.com%2F&page=GQ%20%7C%20Seu%20Guia%20de%20Moda%20Masculina%2C%20Cultura%20e%20Lifestyle&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=136&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=090b1de9-a231-4405-9c9d-88b7fef07c60&dtm=1704276176577&vp=1600x1200&ds=1600x6794&vid=1&sid=f09405b0-a14d-4f99-a398-0796b0ee6bde&duid=ab641ed3-c244-4782-944a-6e4e0aae56cb&fp=528417763
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.176.231 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-176-231.us-west-2.compute.amazonaws.com
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Wed, 03 Jan 2024 10:02:56 GMT
Server
Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
container.html
28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 44AF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 10:02:55 GMT
expires
Thu, 02 Jan 2025 10:02:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
1896257967106140
connect.facebook.net/signals/config/ 		139 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1896257967106140?v=2.9.138&r=stable&domain=gq.globo.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6732dc12885ba1653a6811de4d54ee31ff63e370606bf9fc092f5fb6538c136d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 03 Jan 2024 10:02:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
RdTN7v54UOF2m6QZfa4IfVdspe4U2FyJOYpuW23Gwvik7qVm7AX8FSuEzeb7FwCOxFLycVlwJ00UlTXaL9EXog==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0F87 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
431112
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Dec 2024 10:17:44 GMT
4541142756082903325
tpc.googlesyndication.com/simgad/ Frame 0F87 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4541142756082903325?
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7b77034ef83570174a337a5452ec92a4de44f3381d122523fc30d62aed8ea7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Wed, 03 Jan 2024 10:02:56 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49576
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 19:57:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 02 Jan 2025 10:02:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0F87 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62516
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Jan 2024 10:02:56 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9D4A 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
431112
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Dec 2024 10:17:44 GMT
9990424817729785830
tpc.googlesyndication.com/simgad/ Frame 9D4A 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9990424817729785830?
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9215fe6e610adb60ae16fb119294c2bd084fee105990f1424ddbf51e70720eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Wed, 03 Jan 2024 10:02:56 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40068
x-xss-protection
0
last-modified
Mon, 10 Apr 2023 21:40:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 02 Jan 2025 10:02:56 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9D4A 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62516
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Jan 2024 10:02:56 GMT
settings.min.js
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/settings.min.js
Requested by
Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
8e1abad13842cfce1f10ec038a49780b0c8889d90f314fd084e946536e043f1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
x-openstack-request-id
tx8f1dd23651d140b583ed4-00659530d0
last-modified
Sat, 02 Sep 2023 17:44:45 GMT
x-thanos
0AB54009
vary
Accept-Encoding, Origin
x-object-meta-mtime
1693675470.000000
content-type
application/javascript
x-timestamp
1693676684.90264
cache-control
public, max-age=
x-trans-id
tx8f1dd23651d140b583ed4-00659530d0
x-request-id
8d18906d-4506-491c-a7fe-8add04e4039e
truncated
/ Frame CEB9 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92837a1013b652516b57120f4111fbb03524064703ac7465f751cb36b4b1bb6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 44AF 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
431112
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Dec 2024 10:17:44 GMT
4541142756082903325
tpc.googlesyndication.com/simgad/ Frame 44AF 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4541142756082903325?
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7b77034ef83570174a337a5452ec92a4de44f3381d122523fc30d62aed8ea7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 02 Jan 2025 10:02:56 GMT
date
Wed, 03 Jan 2024 10:02:56 GMT
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49576
x-xss-protection
0
last-modified
Mon, 18 Dec 2023 19:57:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 44AF 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62516
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Jan 2024 10:02:56 GMT
load.js
pm-widget.taboola.com/editoraglobonetwork/ 		13 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/editoraglobonetwork/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdd8a03d4f991abc68b26860acf789b9ab8b01bdb33b59a9f5861e68ca07f6b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
avFu_8YDlMZk2FadaSnJ93_6jfhKujAJ
content-encoding
gzip
via
1.1 varnish
date
Wed, 03 Jan 2024 10:02:56 GMT
x-amz-request-id
AJAQ6631SS6C6VZ1
age
765
x-cache
HIT
content-length
2158
x-amz-id-2
LJ7T7Oby64a2mfP7F+EoAZ8tesbkeJYv4yoECtCb3M079YtXZ5QHRkxol/wOh9Y0GsxzZkxhgnM=
x-served-by
cache-fra-eddf8230136-FRA
last-modified
Thu, 28 Sep 2023 09:53:53 GMT
server
AmazonS3
x-timer
S1704276177.670587,VS0,VE0
etag
"1a3a4c01368008685ab73c00426c052b"
vary
Accept-Encoding,
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-cache-hits
2
impl.20240102-5-RELEASE.js
cdn.taboola.com/libtrc/ 		833 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20240102-5-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
1df8f33d9a0c7df8972d38883573e4600dc53c15896c92e13ff7cb739f523b85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
1WxO6ksXwOOCKRVTFFS_UFPGMxWfaHI7
content-encoding
br
via
1.1 varnish
date
Wed, 03 Jan 2024 10:02:56 GMT
x-amz-request-id
886QGMRMY2BBYMMW
age
27120
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
176358
x-amz-id-2
X+H7atpWKr/1Dy8xXUIRnYkuzuOv7RqAymHWKs72NFwaDYo9OAsvbQU1nWBlNSKux4eJMC6bLws=
x-served-by
cache-fra-eddf8230136-FRA
last-modified
Tue, 02 Jan 2024 10:30:26 GMT
server
AmazonS3-br
x-timer
S1704276177.670649,VS0,VE0
etag
"5c55ea6ee55fa1f5f398c380c4abb6f1"
vary
Accept-Encoding
content-type
application/javascript
abp
10
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
27435
pd
google-bidout-d.openx.net/w/1.0/ Frame C2D7 		199 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Wed, 03 Jan 2024 10:02:56 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
7.tiny.js
static.infoglobo.com.br/paywall/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/7.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.151.224.123 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
123.224.151.34.bc.googleusercontent.com
Software
/
Resource Hash
5526de640b8a955cded2558243e36af335e7b0722c9ff1cc091d329b12a6eebd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-location-rule
static - tiny.js
date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
x-openstack-request-id
tx324cdd127eee4ce18007c-0065850558
x-cache-status
HIT
supportspointer
true
x-trans-id
tx324cdd127eee4ce18007c-0065850558
x-request-id
d542f0fe5c4b87560bc629975d0278de
last-modified
Thu, 21 Dec 2023 17:21:30 GMT
vary
Accept-Encoding, Origin
x-served-from
infoglobo-router-gcp
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-timestamp
1703179289.94905
cache-control
max-age=600
charset
utf-8
expires
Fri, 22 Dec 2023 03:51:12 GMT
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		589 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=VnaP3rYVKc
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f009281569fe8550876628a8c76448f2fbd281f9edd6a850355dd37c4b79c91
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Mwwjo6syI8G
pragma
no-cache
wn
prod-dash-10-0-131-51
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.006
cache-control
no-cache, no-store, must-revalidate
cf-ray
83fa68b869ae5c32-FRA
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame 1028 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df66b2daefa83ea07ed2ec98d26123c11c6c4738dfe3fff38b88cd28586bd24e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
83fa68b85c3139da-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Wed, 03 Jan 2024 10:02:57 GMT
expires
Wed, 03 Jan 2024 10:17:57 GMT
last-modified
Wed, 03 Jan 2024 10:02:57 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.010
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-123-111
x-forwarded-https
on
x-request-id
Mxwjo6s4KFR
x-xss-protection
0
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		589 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=VnaP3rYVKc
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46a6aaaf6df31d937c3a6e771f2b432359f715666c1d8f106c759eea4484e200
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Mwwjo6s54gq
pragma
no-cache
wn
prod-dash-10-0-123-111
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.005
cache-control
no-cache, no-store, must-revalidate
cf-ray
83fa68b869b35c32-FRA
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame 8858 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXBN3JU1X6S&templateVariantId=OTV7FL03Y07YO&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_313a6f42f33c817b2470-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
283fc8755468ae18502e782c7e5f9c3a3bd1e726f870fefd3f3490609f65bca1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
83fa68b85c3339da-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Wed, 03 Jan 2024 10:02:57 GMT
expires
Wed, 03 Jan 2024 10:17:57 GMT
last-modified
Wed, 03 Jan 2024 10:02:57 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.005
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-131-51
x-forwarded-https
on
x-request-id
Mxwjo6s9FV5
x-xss-protection
0
loadTemplateContext
buy.tinypass.com/api/v3/anon/template/ 		589 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=VnaP3rYVKc
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
238eeb96101f1e73565c05324065956a52decd037f8e42827f018fb50f754f62
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Mwwjo6stp5e
pragma
no-cache
wn
prod-dash-10-0-142-191
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.008
cache-control
no-cache, no-store, must-revalidate
cf-ray
83fa68b869b55c32-FRA
expires
0
cacheableShow
buy.tinypass.com/checkout/template/ Frame C831 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTJZXZMR4IF7&templateVariantId=OTVTFVKC3LSEV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_7279e75e74064a854b2b-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da18fadbd1c202775a8071a3c34a65cb5fef07b787d4b9d277b952a8e3d5b09b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
https://dashboard.piano.io
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=900
cf-cache-status
MISS
cf-ray
83fa68b85c3639da-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Wed, 03 Jan 2024 10:02:56 GMT
expires
Wed, 03 Jan 2024 10:17:56 GMT
last-modified
Wed, 03 Jan 2024 10:02:56 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.005
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-dash-10-0-131-51
x-forwarded-https
on
x-request-id
Mwwjo6sOYzb
x-xss-protection
0
callback.min.js
s3.glbimg.com/v1/AUTH_05f06ca986b54d6e9c5df94927ccf7fc/libs/globoid-js/prod/ Frame B21D 		96 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_05f06ca986b54d6e9c5df94927ccf7fc/libs/globoid-js/prod/callback.min.js
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/login-callback.ghtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
55e355a0f86d6f7fe3b0b20bb64ea0f01c1a846f732cb38a7c89f07bfea8b6fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
x-openstack-request-id
tx958bf1b1e1b94e3b89294-0065953069
last-modified
Thu, 30 Nov 2023 12:03:46 GMT
x-thanos
0AB54009
vary
Accept-Encoding, Origin
content-type
application/x-javascript
x-timestamp
1701345825.59577
cache-control
public, max-age=180
x-trans-id
tx958bf1b1e1b94e3b89294-0065953069
x-request-id
5e99f228-2e5c-42ff-bf26-568393597b67
cx.js
cdn.cxense.com/ 		111 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:ba2::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
baa1e321fd815ef7c8bec6e9daa2ef002aadb656cc27cfdf6661dfdac33e0cda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Wed, 03 Jan 2024 10:02:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Dec 2023 12:22:49 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37123
Expires
Wed, 03 Jan 2024 11:02:56 GMT
p.php
stg.truvidplayer.com/ Frame CEB9 		13 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/p.php?sid=1783&wid=8442&cb=8468.759426170318&pid=6714&url=https%3A%2F%2Fgq.globo.com%2F
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/8442.js?pid=6714
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-39.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
4c4cf15138949e4aa75df8077642b14c35debd3700d2416f89a7bb4f98aab8a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
via
1.1 48391c4ed2c51e95dcabcb70cf613126.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://gq.globo.com
access-control-allow-credentials
true
x-amz-cf-id
dcIXsdT1RHknw5zpy_uadysF6ZDC5e2PiVvjcN8K7EXjncQ-mP_3_A==
view
securepubads.g.doubleclick.net/pcs/ Frame 0F87 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssq7acaMWd_KTOXfN9nZglJGYKAs-IznPWO0zOFfs0y3H_8uFcCerMuGYIi5NnRQdZj7lwLP81UBSV4UwoPbSoVneWv84IAa8OHs4lExe6EzJ-26Q-Ib6uMJykPeeqC1zvq0qM5YbkTTivZS-fuJKU-37BV_8RsyozBwgD1lvIlr2y-TP9Mq2_uz5LMrgfm4moZGVjPGg62boSh7w8uWfmiHfYHUCQxIt_1a2ZFbPwC8NsC9OQ5N1l6toMvz4MokXZGk1dNOFAga8csuSQOPdaGTXsBYK5Me45brdzQhFJlRASxBmTe-UO8DywMDxjmd1Yduk6BrJeWUrw&sai=AMfl-YRWpwQlYaL30KvQT0f3j6P5Dr96GLit0Bo4QDxrH7_3Zqd9GJDuqG6DDa7YHcnIu5Aqd6KXPoX9zCqltM9bb4i8a9oHJ2ASUn9EUav1R7DhzUhD0hQ9dvv22pDcCw&sig=Cg0ArKJSzIgNBk-exRnOEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
semibold.woff2
s3.glbimg.com/cdn/fonts/opensans/ Frame 0F87 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/semibold.woff2
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca

Request headers

Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
Origin
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
x-openstack-request-id
txc3c5db33bde84dd08e8f5-00659530cf
last-modified
Tue, 25 Jun 2019 17:36:47 GMT
x-thanos
0AB54008
etag
365c53275ca5dad1584b7e0bd3a46c1e
vary
Accept-Encoding, Origin
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484206.27623
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16172
x-trans-id
txc3c5db33bde84dd08e8f5-00659530cf
x-request-id
c790d660-91db-4b6c-af19-f2be219199a4
regular.woff2
s3.glbimg.com/cdn/fonts/proximanova/ Frame 0F87 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/proximanova/regular.woff2
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
961d2527913673b9488d10ca5f8ceb13ad768457a5918d1595b9fafbd8ad08a3

Request headers

Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
Origin
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
x-openstack-request-id
txe7ae3e313caa401489750-00659530cf
last-modified
Tue, 25 Jun 2019 17:42:57 GMT
x-thanos
0AB54008
etag
a28c6bf751afd0731507d904609fe5da
vary
Accept-Encoding, Origin
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484576.57450
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
20904
x-trans-id
txe7ae3e313caa401489750-00659530cf
x-request-id
27d35fae-2556-4747-b229-ef945c4e2ed1
view
securepubads.g.doubleclick.net/pcs/ Frame 0F87 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfqX5EhVFW_4grD-YlN3i8G_OwZL5O8FKKxFypxXc1JnqudSP11LJEMjPdBXXmPhlnrE5UfqthVzkOecxxBNWL6fwNgCwZ-K_X5TQ_tHoCaN_jxlWvFG80qX44Z0OLBbmzoRB_mLgqVagugO2VlB0ZluKFjf_qYgqfjXkah4aanimADQTFcw1MnTM4kmx67z77LXEeQsxk5DTtWdusngOmco8Rcx2joxHclfs4UhP87wEZz6aQeqjEhYkhkpjOiCWExFM0ws3dY_wiY6Cw8NKg5ZBDll8uLn4D-__qytygBGmrNZ8kW0TeVzUmvzFmGGzIb1k25t73x1ftKA&sai=AMfl-YT7H1lVj49jwSag07GmXyQimq6homdaICTI1QGk_UdEBzAThmg43JJtN8Vy6-UWPUnxJdGIQb_mVSCNepF47zRoUZJ1C8bUKMCA8grhKbkAltYboQeU-DN0lXhYLQ&sig=Cg0ArKJSzPuBk-FMy8PXEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 03 Jan 2024 10:02:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9D4A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAVXqr4oCl-DA3ZxU3xv_lxKowll_pavk4rBC-oJSJu0CEzASCl0iM_pGApyMafrvPwjTxNcvYsn3BB1EekiGK6bg17SGqC5PQIGNUhnUTvull0Ps-LAFifviPkjH_ULYm9Z9Vpx8kUeBIKTfmez0Js0zh3tHS1djSxUdNJOWrW1MwmD6erJmbk4lqhgMHOQYOTlPQpAj732KTTXQ22I6OBbw4_cMXPMMHDRMMJP0Mv8jSWipmKFGA69L9MfsRPgt4PeSMBrepZoKL8G7Yv-Qd4HoP1UhmXKfgNEehQIcvIP3FZ3HKfWfgppNQ-ye1U6caBiZpGfKAJx35O73K&sai=AMfl-YRW_UHSLiOTlfWI6oIp29W80yuV_BhtblBuvqqariWFpXjih8cBn9fte2WW4EvgQDG3uvoVWyuHz68V1n_V1ZNpZkEQXVZDKc1kBay-fZY3fpFnACWlzd3K01eGdQ&sig=Cg0ArKJSzDV9zrZKZZdSEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame CEB9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstw-QMFfVafiZWRJksGR2apY0bLpyrdiWjGRyE_hL7bbQe4kxn3tMtZuaJGYhQylPfr62x94fCbkke2VXKUS3MnEggnqKsA-SBUn4_d23cLmSIhRj0R838WblNWfPP8Pn-RG-5DvX8f8s0mO2GZLmYBexi2JWK5sCQhsKNaA3KCGaLkz1TAlpg4498narlfsWzhUfL3c6nSZCt8dbTZszYoDHIeSfDyi1NjdP2E9avdGwbsVyRuxJb9T2eNM2uHwdTtmaTJ-KuZCpw5dHz3p5euYe5PT6GcXfhw4_f9IuNWY18lxRxbrA0vfKBqkOBqrT0ngfF548GWUMi9Iw&sai=AMfl-YTijY3yvOQvaCeuscDOXXKcfk2E0_H5bruntEkxsmIWviY-K1BUV0Q5m41AFQPW-MqcxCTpctJIb4PFlsgedtXuQWtnR2aBwipGgsRQYwf0l41hTwcX-vnpJ85idw&sig=Cg0ArKJSzKGnvKaFEnDbEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 03 Jan 2024 10:02:56 GMT
tm13574.js
tag.navdmp.com/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm13574.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/gq/prod/lib-pub-ext-tags-gq-latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a03b95106083a9a0c3e7797983627487d10cc59a1a4d5b576aecb19464d9fc5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 26 Dec 2023 13:49:40 GMT
server
cloudflare
age
1245
etag
W/"658ad9f4-47ce"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
83fa68b8cdc52bd7-FRA
expires
Wed, 03 Jan 2024 10:42:10 GMT
dmp.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/dmp/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/dmp/dmp.min.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/gq/prod/lib-pub-ext-tags-gq-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
d6c7e6ad800fb94afd9cfaf6dd1ff4f2022b21cd80b4cda59cda258730ee86d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
x-openstack-request-id
txfe0efd06f4e34e7ea7cb3-006594f8f1
last-modified
Thu, 28 Dec 2023 18:50:20 GMT
x-thanos
0AB54009
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1703789419.59317
cache-control
max-age=18000
x-trans-id
txfe0efd06f4e34e7ea7cb3-006594f8f1
x-request-id
4c03bd2a-e573-4ecc-a286-9b3aeb478557
t3m.js
tags.t.tailtarget.com/ 		64 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-12842-2/CT-1047
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/gq/prod/lib-pub-ext-tags-gq-latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
775807392af29b7a91f1217ab6ed717ba35baaa024bdccc9273321f54ab51bb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 09:14:01 GMT
content-encoding
gzip
via
1.1 google
age
2935
x-guploader-uploadid
ABPtcPoxReJOfl4ASeynO7tmMvRo0bTYMc7CrnNG3Cg-5z2y3fCXWz6zhLlYhBOdMZ8uKqNgJb9kQ7ZtXQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11157
last-modified
Wed, 16 Feb 2022 19:26:59 GMT
server
nginx/1.8.1
etag
"7baa2c88b7abc79944366989908f0a4f"
vary
Accept-Encoding
x-goog-generation
1645039619237034
x-goog-hash
md5=e6osiLerx5lENmmJkI8KTw==
content-type
application/javascript
cache-control
max-age=7200,public
x-goog-stored-content-length
11157
accept-ranges
bytes
expires
Wed, 03 Jan 2024 11:14:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 44AF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLCSpiNQoi7M2JQBpN34UUC1dsoy8AKflKr555B_QPIdfjASHiMviUTW19_rNsHb5j9PfBVwika5nHiTcrfiDX_EtiCmvnnkEfxP86LcLJ2qI-Dl-LhjHaElFj9adJ21gmam5uvmENtGydcYeRv8QBdpXko8NZ_KwhFxWWGy9vv68Alhk1X5hehHBmQyklYtgWxY3sGwy5k4FK-FcDZHnxNRO7ieej1JSzvQossu3cvu8yyqgID124B4bP3PSeE0N-_R9WpjjLAG1O6Pab6thzStRveFz7khmRNq2cWtFRQqxcF-aod4o6MXAmmWXEgznzEErKOvja3EM&sai=AMfl-YRtP_BlUStxJgFby9MKOhh59MLIR02BWazZ0S6jakV-MMbJ5NK7NSddkJSxmDKjAhN12jUqq3ywqyfU1TSFDW7r3XzdDXY6W-3Ac39KV9yq0Z5MvaW_rAw4A7KQKg&sig=Cg0ArKJSzJtP5PK5n0UgEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
semibold.woff2
s3.glbimg.com/cdn/fonts/opensans/ Frame 9D4A 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/semibold.woff2
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca

Request headers

Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
Origin
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
x-openstack-request-id
txc3c5db33bde84dd08e8f5-00659530cf
last-modified
Tue, 25 Jun 2019 17:36:47 GMT
x-thanos
0AB54008
etag
365c53275ca5dad1584b7e0bd3a46c1e
vary
Accept-Encoding, Origin
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484206.27623
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16172
x-trans-id
txc3c5db33bde84dd08e8f5-00659530cf
x-request-id
4399f8eb-6fa9-49b8-b2e0-88c0ca311c71
regular.woff2
s3.glbimg.com/cdn/fonts/proximanova/ Frame 9D4A 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/proximanova/regular.woff2
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
961d2527913673b9488d10ca5f8ceb13ad768457a5918d1595b9fafbd8ad08a3

Request headers

Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
Origin
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
x-openstack-request-id
txe7ae3e313caa401489750-00659530cf
last-modified
Tue, 25 Jun 2019 17:42:57 GMT
x-thanos
0AB54008
etag
a28c6bf751afd0731507d904609fe5da
vary
Accept-Encoding, Origin
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484576.57450
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
20904
x-trans-id
txe7ae3e313caa401489750-00659530cf
x-request-id
10d8a6bc-6a16-4fd6-9e97-40b02adddb02
view
securepubads.g.doubleclick.net/pcs/ Frame 9D4A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuvzI3rjKSaCcfc3Sfffu7IwVukAyQhz6ut8GWE8rm-gdwbdu8A_2xoD_3aeAGbTOXRzoBjOcrUYOLSfieg46A0J4udSao6kUOZ9U2Kxymt3MvIEzbwYYaqddmSFXwd24a7oRLhrnOxJxRqKTkSoA5NEWFB4-9AKKrRGPWhWkoJxj6DXl22IgzhGXi07mN_C3V3m6GzJL31zHxrb6yRhiZH8MAZhpetyVEf7EBRaXHAOwvt2ntoO86seFowrKiQxn4CnWaFgzJeLIqpf6ja3xCBzgIFN-0Tu6zYNH39mKZWmvb_6kXNK-1PwDHTMnLzsuSiBK2lCNz1M7sMT_8CVg&sai=AMfl-YSQjT66TfMuntHA1g7lehsnu195oaupamHiylXbQ1ncM6cH8xLSVg_8OEwS3mMCfkJX6UPHEuSbAKRoQN5wdcGYA8vx1akViePpEjmls-yAJTeag0G5AO37bDb6Zw&sig=Cg0ArKJSzOamqtm0lMPOEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 03 Jan 2024 10:02:56 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1896257967106140&ev=PageView&dl=https%3A%2F%2Fgq.globo.com%2F&rl=&if=false&ts=1704276176753&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1704276176752.433927646&cs_est=true&ler=empty&it=1704276176595&coo=false&rqm=GET
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 03 Jan 2024 10:02:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
truncated
/ Frame 0F87 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0dbf119554a41490b0f0a4c6c8a0a75e3d6a98bee44df012f8d4aee56fd950dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
semibold.woff2
s3.glbimg.com/cdn/fonts/opensans/ Frame 44AF 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/opensans/semibold.woff2
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca

Request headers

Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
Origin
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
x-openstack-request-id
txc3c5db33bde84dd08e8f5-00659530cf
last-modified
Tue, 25 Jun 2019 17:36:47 GMT
x-thanos
0AB54008
etag
365c53275ca5dad1584b7e0bd3a46c1e
vary
Accept-Encoding, Origin
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484206.27623
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16172
x-trans-id
txc3c5db33bde84dd08e8f5-00659530cf
x-request-id
127fc985-c7a1-4ed5-8034-6bca26fc7afd
regular.woff2
s3.glbimg.com/cdn/fonts/proximanova/ Frame 44AF 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/proximanova/regular.woff2
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
961d2527913673b9488d10ca5f8ceb13ad768457a5918d1595b9fafbd8ad08a3

Request headers

Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
Origin
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
x-openstack-request-id
txe7ae3e313caa401489750-00659530cf
last-modified
Tue, 25 Jun 2019 17:42:57 GMT
x-thanos
0AB54008
etag
a28c6bf751afd0731507d904609fe5da
vary
Accept-Encoding, Origin
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp
1561484576.57450
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
20904
x-trans-id
txe7ae3e313caa401489750-00659530cf
x-request-id
54bdf9dc-52f6-4114-8c80-f420426c7b68
view
securepubads.g.doubleclick.net/pcs/ Frame 44AF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqHmlOUZG-FwfSAsYcDkBQt3kBDRq-Y-G5qW691BsJe9UMwhAJUmOvOPFWMOp6EAoOYVyw2KeMCiFIWSPKyUBuFPyZJCfYhCjYPTPxMpmAInTTY2mrSEUuuBXvCrOTHqcVVSj_XPM7jnQp7PEXAYh4OQHl8llnPoIGMHTHbuhE8yWrz0JI5p-sHmQRG1c-6qVLUo3ZS92GvI_LFT3fVM5GWuREhN_bxa6D9VshVmxumUSG4wK5benPtaOSEfHbgXs2LcOHEW2fMKeXPetukOuz8FPStz9g1U6AsAn0MFYX07uqkvAuOsbeIV8gG8a7oZ7BP6WyniDLx7mLNQ&sai=AMfl-YQbZgithNjD-OJnGr_pTYZU8ak2YF8jBG3ki-AroApDHP79CbykTlpXpLrVxDsU9rR15B7mBV-6leDOBTgXE1U_SGqrIDHWmPWTRrMTPdicnBHXfVt2IzAB6nGzIg&sig=Cg0ArKJSzDw97LO7BgH8EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 03 Jan 2024 10:02:56 GMT
truncated
/ Frame 9D4A 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a1b53715d0f74ff408e5e723719b8c7bf96c3bff7869080855f8fa21750ebc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
pmk-20220605.13.js
pm-widget.taboola.com/editoraglobonetwork/ 		102 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pm-widget.taboola.com/editoraglobonetwork/pmk-20220605.13.js
Requested by
Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/editoraglobonetwork/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d324e696d8eff869aba1a11fb57ee5ff41d486c1f4c0a4c41e70c705e8194cbd

Request headers

Referer
https://gq.globo.com/
Origin
https://gq.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
riBLlp2W2iGvHi8DcZSGRiSyaeJmPBap
content-encoding
gzip
via
1.1 varnish
date
Wed, 03 Jan 2024 10:02:56 GMT
x-amz-request-id
VJXAPC6WC2V801TJ
age
1677694
x-cache
HIT
content-length
28799
x-amz-id-2
SEjjnsGWjKPR3DJaA6AjDIZY1Ciku1VPJ8m34b4bPXg8qOQjpUBJ+QVLMWevAKHhP8OrXMNxrh4=
x-served-by
cache-fra-eddf8230124-FRA
last-modified
Thu, 28 Sep 2023 09:53:52 GMT
server
AmazonS3
x-timer
S1704276177.816273,VS0,VE0
etag
"cf865437aa13ed4e856f389bfec9ae01"
vary
Accept-Encoding, ,Origin
access-control-allow-methods
GET,POST,PUT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
53
truncated
/ Frame 44AF 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb5c500ac44da132d4655d228ea5a4b379793c0d3a7dce2a26822b4bc02f85c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
card-interference-detector.20240102-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20240102-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9b43c701203c11d43f48787fab247fc99267fb902710f0199b448286ba7ab93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
c3V2ux_f3DLDk0LIEOeypGFZqetdEZyi
content-encoding
gzip
via
1.1 varnish
date
Wed, 03 Jan 2024 10:02:56 GMT
x-amz-request-id
B108KKRWSVPTQP95
age
444
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2179
x-amz-id-2
uXO+lBbUUjJ0ul9UrhA63ecH9XKXriq6xUk5tTFlkQg02mztMj5ytaeJrTWxIxSvk/CVvihTjbM=
x-served-by
cache-fra-eddf8230136-FRA
last-modified
Wed, 03 Jan 2024 09:55:33 GMT
server
AmazonS3
x-timer
S1704276177.797947,VS0,VE0
etag
"f29937d233621ed2a4534b31325adb90"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
44
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
336
sync
gum.criteo.com/ 		73 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240102-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9de3a1865a3cd0812ee1e7450069142c501360c345cf2192efd56e665d60537c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
880459
expires
60
cdb
bidder.criteo.com/ 		0
190 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=47789332975&lsavail=1&bundle=yNI3vF9wM1N5WFhibTQ4UUtiQ0xIVW92aHVOZEtZME5zaXd6dFZVVFVsajB5T0FNTjIxUGpVWEVLNnpqTGRVZWp4Z2dFUnJsUkVZJTJCSWRVQ0hNTmQ0azYlMkZ6czFqV2xxb2R6YWRYTFMyZU9ZT1l4SnQ1aXg4WHN5U0tWTVBiSmFab3BDV3k1ZWlXQVpGeEpRZzJSNTY0RElXZVd3JTNEJTNE
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://gq.globo.com
date
Wed, 03 Jan 2024 10:02:56 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid
s.seedtag.com/c/hb/ 		7 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
a5db7b0db2ef6df2f6f99f9ffaf86097828fa49df1a6dbeec87267f8e8ca36bc

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
gzip
via
1.1 google
server
openresty
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gq.globo.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fastlane.json
fastlane.rubiconproject.com/a/api/ 		10 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=280390&zone_id=1398904&size_id=2&alt_size_ids=55%2C57&eid_pubcid.org=4eb83484-7f2c-4885-a64c-f2068caab90b%5E1&rf=https%3A%2F%2Fgq.globo.com%2F&tg_i.domain=gq.globo.com&tg_i.page=https%3A%2F%2Fgq.globo.com%2F&tg_i.adunit=85042905_gq%2Fhome&tg_i.aupname=%2F85042905.*%26.*super.*%26position%3Datf&tg_i.pbadslot=%2F85042905%2Fgq%2Fhome%23pub-super-4&tk_flint=dmpbjs_v8.23.0&x_source.tid=8fea7605-73ed-42c7-bd1c-9d4d877c126c&l_pb_bid_id=42882364f97c915&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=f3dbe2ac-280f-4ca3-8ba4-bed6f4acc7a8&rp_maxbids=1&p_gpid=%2F85042905%2Fgq%2Fhome%23pub-super-4&slots=1&rand=0.6157506641017665
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a12562c133614c0b6e2675cb1b4d617d63d0690aa2fb28fa83b37e1356b301ac

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
prg.smartadserver.com/prebid/ 		0
334 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
164.132.25.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ip176.ip-164-132-25.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:55 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gq.globo.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame D498 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvz3edcHId2sIkh1WdEpB-lGpqLRDb1tD5Qgvl1xxYR93IyrSMXVzCMzsGLBncUFRHpVYxXCoU4D8ZZWx1MRztIizjLo_HnMMGgmAvmXo9Xr8VtZkgL7h5YCUDVsvGVn3WxwBGihLWauGPEqfNrTSZWbw&sig=Cg0ArKJSzPhe04mZiPX7EAE&id=lidar2&mcvt=1020&p=197,315,447,1285&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=1339606424&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704276175646&rpt=139&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
usergate.globo.com/ 		44 B
316 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://usergate.globo.com/
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-analytics/prod/lib-analytics-latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.198.44.170 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.44.198.35.bc.googleusercontent.com
Software
/
Resource Hash
2af921f96b618475ba87948891bf844483be715971a4d4b69c4b596afd6c1691

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://gq.globo.com
access-control-allow-credentials
true
access-control-allow-headers
User-Agent,Content-Type,Cookie,X-App,GLBID,GST
ppub_config
securepubads.g.doubleclick.net/pagead/ 		1 KB
684 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-analytics/prod/lib-analytics-latest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e703e0f917bf9674b8f2d527be7ee015dc4bb39de7ebba594b7f892c663726ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
659
x-xss-protection
0
expires
Wed, 03 Jan 2024 10:02:56 GMT
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame C831 		126 KB
78 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTJZXZMR4IF7&templateVariantId=OTVTFVKC3LSEV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_7279e75e74064a854b2b-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d223768c8c211c108349645cb062a9dcdb5456e9abc8c6a36eb06366db6fbd5a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTJZXZMR4IF7&templateVariantId=OTVTFVKC3LSEV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_7279e75e74064a854b2b-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
3525
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:16:48 GMT
wn
prod-dash-10-0-122-206
server
cloudflare
etag
W/"128533-1702570608000"
vary
Accept-Encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
83fa68b93d0739da-FRA
expires
Wed, 03 Jan 2024 12:02:56 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame C831 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTJZXZMR4IF7&templateVariantId=OTVTFVKC3LSEV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_7279e75e74064a854b2b-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1694691
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQF3f87IQTmaRb4wq5yj7w1cTf6DAbMWvkrsoXcuv61TjzUMpSZ1%2FsftTpKUiwbG49lDycscczzQ4AcZrFD4w%2BgxY4LeXWRrQkWaQu6MNvI2d%2FKBxxhdA51Najz6nHhuUzLHxKZHQEJa8Y3BP%2BLgdU3U"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68b95d371c9f-FRA
expires
Mon, 23 Dec 2024 10:02:56 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame C831 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTJZXZMR4IF7&templateVariantId=OTVTFVKC3LSEV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_7279e75e74064a854b2b-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2216031
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkRvoE%2Fudoda9a6wXh6h8%2FL9UJ3EW%2BbD87UAPIqNtEJ5HF%2BLC0kZNrTBeEbZNWxtWZ87APlNOFI8MKZbiKphfol3EfBKp0KaZ5lxBmkRFdU7%2B1iCs76Lf9nJrSGavLEiWTBD51FcVPSCQdlcZ6V4isMs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68b95d311c9f-FRA
expires
Mon, 23 Dec 2024 10:02:56 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame C831 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTJZXZMR4IF7&templateVariantId=OTVTFVKC3LSEV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_7279e75e74064a854b2b-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2963426
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opPubG%2FFgNkaLGxwkCk3%2FiwsJ8dJtevwDMWfK2ma2bkgr3V5XDRzHsuP0pAXC1nX4YaRSr9IqIRmhhetiVqi50njkC%2B%2B0TpUUsH%2BdPXWKDL2lG2bULoFjBgRdwhiC6p7KGzB1or8s%2BsEWhDrJth1k1ws"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68b95d2f1c9f-FRA
expires
Mon, 23 Dec 2024 10:02:56 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame C831 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTJZXZMR4IF7&templateVariantId=OTVTFVKC3LSEV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_7279e75e74064a854b2b-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2218022
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWbLzmnIYu6F609C4o%2FpQcuRsj6bqRsoWKTYygdE6TQRxu3gAAdOQIM1VdOqrmVm0pGm0Z8yqSFgpG8PzRWj4pvIvLE6VY8GgEKUtmCXZ%2BI9ptZ1kjYGXOb1YzsXoKegiCL12CCA16Mvm%2FAKBP8GWHSb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68b95d391c9f-FRA
expires
Mon, 23 Dec 2024 10:02:56 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame C831 		825 B
755 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTJZXZMR4IF7&templateVariantId=OTVTFVKC3LSEV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_7279e75e74064a854b2b-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1167351
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fp2ihJ0DIQSSElOo0SN%2BX1Iwyfy7LAIDUmgyW0MlJ4W0ng%2FkzDdGlT3fLAdDpZ4EIxP0Eti0ZXeL%2FH%2BBF%2FRARhbl1uZokelFUtWAf7xOfCIv0TErZPtLIafZf4FYoy3aJH4kIkLrvrS%2BEsQeMM5NxmfB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68b95d2e1c9f-FRA
expires
Mon, 23 Dec 2024 10:02:56 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame C831 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTJZXZMR4IF7&templateVariantId=OTVTFVKC3LSEV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_7279e75e74064a854b2b-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2881420
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JnPzsw%2BhLRLq25mg%2B4Q%2BxO6FPwStwo%2B3sg0n22FNJzhi%2FHR4JmypUGih2jU1Y%2BoMXXdXEw7JkHwxKgyszgC7rdRmLpmCPQVRjLv1md6n91j3kBJcPK56BbxydV3pwMj6%2BU1pPSZezGGFJt%2FePx7Zorr7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68b95d2b1c9f-FRA
expires
Mon, 23 Dec 2024 10:02:56 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame C831 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTJZXZMR4IF7&templateVariantId=OTVTFVKC3LSEV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_7279e75e74064a854b2b-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2869036
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FvUH%2BJnQ%2FksFscX42jQM9aNmn2kORHYkV0GyGOtYB20ycGlcMwPXLcd94QSdMsrRsIEhC6cSFjzSyVr8a50kn6ddbfNgCQ2w6sXcKy2v2%2F%2BpYHXEyRBR1r7aUXNiQfhZaGr8U9CDuCssoF1TZ%2B1MisNR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68b95d271c9f-FRA
expires
Mon, 23 Dec 2024 10:02:56 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame C831 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTJZXZMR4IF7&templateVariantId=OTVTFVKC3LSEV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_7279e75e74064a854b2b-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2875783
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmaTP%2BA9C6kqM1oby2RtDhFnSvpwG6dpEsB2F1aTgNUFCpscZD%2F4IXNqYXQlrRBcIzBQKcSoVJOhV3yRRsCPWgrbqsjRb0qwXC27ZM5VQE2ZzBYuCY9VdoJ%2FdhzsrRZfk%2Bh03yU%2BEJRN2mvwZwNUHJY7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68b95d2a1c9f-FRA
expires
Mon, 23 Dec 2024 10:02:56 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame C831 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTJZXZMR4IF7&templateVariantId=OTVTFVKC3LSEV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_7279e75e74064a854b2b-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4263110
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPy2Fpa2xWo4m8nACukTxHCvXyhJX9ZMfGsg7DQn%2F72UXjd340t1ggDv47%2BaOTtR%2BFkKSJAU3CqLbPEsZx60gwmTeOH1ZrWWDLJW6i3thbD0vkPifYweADxqSWXckF3u1TmwRW4AFWe5c6Xa1lHf%2F5zf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68b95d241c9f-FRA
expires
Mon, 23 Dec 2024 10:02:56 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame C831 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTJZXZMR4IF7&templateVariantId=OTVTFVKC3LSEV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_7279e75e74064a854b2b-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2971542
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqJ%2Fj2nZXjHZN7mTpXzU%2Fbm%2F0kNK4YxLJJxHFoqiVrPnRZF5ZIR8iIesTod8IMau4K59iv%2FNHc3ZgXsqwilJsOF0eJyn62WhkVWs1h6pdg1YPQyOV7djwZpzlEKm%2BqYBspx2LFmbQ23hOXdDFP5yGbUv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68b95d261c9f-FRA
expires
Mon, 23 Dec 2024 10:02:56 GMT
loadTranslationMap
buy.tinypass.com/showtemplate/general/ Frame C831 		33 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=VnaP3rYVKc&version=1568388702000&language=en_US
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTJZXZMR4IF7&templateVariantId=OTVTFVKC3LSEV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_7279e75e74064a854b2b-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f7b1b54c22724cc22a0a1770ea37a5bccb8564c2bfea871fbb6e726de85ddb0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTJZXZMR4IF7&templateVariantId=OTVTFVKC3LSEV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_7279e75e74064a854b2b-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Mwwjo6s8cQG
pragma
wn
prod-dash-10-0-92-232
server
cloudflare
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
server-time
0.002
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
83fa68b93d0c39da-FRA
expires
Thu, 4 Jan 2024 05:02:56 EST
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame C831 		67 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=16.84.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTJZXZMR4IF7&templateVariantId=OTVTFVKC3LSEV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_7279e75e74064a854b2b-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2b6a09251dfdb96bb8a73aeabee416131dfe2a4410bccfaa2f4d089a6642051
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTJZXZMR4IF7&templateVariantId=OTVTFVKC3LSEV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_7279e75e74064a854b2b-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
5633
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 17:34:20 GMT
wn
prod-dash-10-0-80-79
server
cloudflare
etag
W/"68959-1703180060000"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
server-time
0.000
cache-control
public, max-age=86400
cf-ray
83fa68b93d0f39da-FRA
expires
Thu, 04 Jan 2024 10:02:56 GMT
H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame C831 		121 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=16.84.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTJZXZMR4IF7&templateVariantId=OTVTFVKC3LSEV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_7279e75e74064a854b2b-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9a88d548488330c2fdc31dd655203aa0044b8d954b0e1665e09b58965e52bf7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTJZXZMR4IF7&templateVariantId=OTVTFVKC3LSEV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_7279e75e74064a854b2b-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
1158
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 17:46:28 GMT
wn
prod-dash-10-0-93-23
server
cloudflare
optimized-by
_sam
vary
Accept-Encoding
content-type
text/javascript
server-time
0.004
cache-control
public, max-age=603642
cf-ray
83fa68b93d1039da-FRA
expires
Wed, 10 Jan 2024 09:43:38 GMT
css2
fonts.googleapis.com/ Frame C831 		3 KB
748 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:wght@300&family=PT+Serif&display=swap
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTJZXZMR4IF7&templateVariantId=OTVTFVKC3LSEV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_7279e75e74064a854b2b-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
216c8994eeb343b3588f234794df0cca8958d6c72b01b510b4156bc2d03a3840
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 10:02:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Jan 2024 10:02:56 GMT
style.css
buy.tinypass.com/checkout/template/ Frame C831 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/style.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTJZXZMR4IF7&templateVariantId=OTVTFVKC3LSEV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_7279e75e74064a854b2b-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTJZXZMR4IF7&templateVariantId=OTVTFVKC3LSEV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_7279e75e74064a854b2b-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
138
vary
accept-encoding
content-type
text/html
cache-control
public, max-age=1200
cf-ray
83fa68b93d0a39da-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 03 Jan 2024 10:22:56 GMT
gq-footer-desk.gif
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/mobiliario_revistas/00_atual/gq/ Frame C831 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/mobiliario_revistas/00_atual/gq/gq-footer-desk.gif
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTJZXZMR4IF7&templateVariantId=OTVTFVKC3LSEV&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_7279e75e74064a854b2b-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
ce0e7b8835e0262312af0aa3f780503b5a18f7def6196ba2c17885df343adbff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
x-openstack-request-id
tx9f366d650cd247c89c31a-0065953038
last-modified
Mon, 04 Dec 2023 14:38:56 GMT
x-thanos
0AB54009
etag
950326eff99b9f1308975210c49b11e6
vary
Accept-Encoding, Origin
content-type
image/gif
x-timestamp
1701700735.73551
cache-control
public, max-age=180
accept-ranges
bytes
content-length
12548
x-trans-id
tx9f366d650cd247c89c31a-0065953038
x-request-id
a8f487ab-557a-4306-adee-75c3cb5a75b8
tm46169.js
tag.navdmp.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm46169.js
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a798741ab5d1da30eb26d38311b6249de94034ccc610268901ef633098ad3e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Sep 2021 18:45:04 GMT
server
cloudflare
age
2348
etag
W/"6137b330-2e58"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
83fa68b93e442bd7-FRA
expires
Wed, 03 Jan 2024 10:23:48 GMT
usr
usr.navdmp.com/ 		77 B
287 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=13574&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0&wni=1
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fc6bdce7fc5b53e1bcf470f336f92be66319523572790401e50b00d1efdec92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
public
date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
83fa68b93e542bd7-FRA
expires
Wed, 03 Jan 2024 11:02:56 GMT
v1
prg.smartadserver.com/prebid/ 		0
334 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
164.132.25.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ip176.ip-164-132-25.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:56 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gq.globo.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
bid
s.seedtag.com/c/hb/ 		7 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
49f25ffc5043a80b161f483349cf7cb392038d58216d16e40e34f2ea81c5dc18

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
gzip
via
1.1 google
server
openresty
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gq.globo.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdb
bidder.criteo.com/ 		0
190 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.23.0&cb=91104295890&lsavail=1&bundle=yNI3vF9wM1N5WFhibTQ4UUtiQ0xIVW92aHVOZEtZME5zaXd6dFZVVFVsajB5T0FNTjIxUGpVWEVLNnpqTGRVZWp4Z2dFUnJsUkVZJTJCSWRVQ0hNTmQ0azYlMkZ6czFqV2xxb2R6YWRYTFMyZU9ZT1l4SnQ1aXg4WHN5U0tWTVBiSmFab3BDV3k1ZWlXQVpGeEpRZzJSNTY0RElXZVd3JTNEJTNE
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://gq.globo.com
date
Wed, 03 Jan 2024 10:02:56 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		10 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=280390&zone_id=1398904&size_id=2&alt_size_ids=55%2C57&eid_pubcid.org=4eb83484-7f2c-4885-a64c-f2068caab90b%5E1&rf=https%3A%2F%2Fgq.globo.com%2F&tg_i.domain=gq.globo.com&tg_i.page=https%3A%2F%2Fgq.globo.com%2F&tg_i.adunit=85042905_gq%2Fhome&tg_i.aupname=%2F85042905.*%26.*super.*%26position%3Datf&tg_i.pbadslot=%2F85042905%2Fgq%2Fhome%23pub-super-5&tk_flint=dmpbjs_v8.23.0&x_source.tid=c5524e95-8b53-4800-8294-c55e2a3b0c8c&l_pb_bid_id=52c5dc73f0df79a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=1585f222-cef4-47f2-b4a2-2b8fb1e8b307&rp_maxbids=1&p_gpid=%2F85042905%2Fgq%2Fhome%23pub-super-5&slots=1&rand=0.6810687250976948
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::45 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bca8a0a2ebdbd0bfa7cb24d673bc5a49dd48fbab972742cbb875651a74cfe6ad

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
sp1.html
cdn.cxense.com/ Frame 8D2B 		456 B
659 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:ba2::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1643f549380aeab61b23502d9f260f7350d9c2bd34dbc3cb0af73644332b6ef5

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
289
Content-Type
text/html
Date
Wed, 03 Jan 2024 10:02:56 GMT
Expires
Sat, 13 Jan 2024 10:02:56 GMT
Last-Modified
Thu, 30 Nov 2023 11:55:50 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
cx.js
cdn.cxense.com/ Frame 8D2B 		111 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:ba2::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c024a500b6884e87cb923bdfab0b6303d5130c87bd4e00612ea410613e765faf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Wed, 03 Jan 2024 10:02:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Dec 2023 12:22:49 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37123
Expires
Wed, 03 Jan 2024 11:02:56 GMT
usr
usr.navdmp.com/ 		77 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=46169&upd=1&new=1&wst=0&wct=1&dsy=0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm46169.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33b29629948cbdc114ae7d26b905d037bd1fa2b93f4a107ddd227cf78d9b4fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
public
date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
83fa68b9aeae2bd7-FRA
expires
Wed, 03 Jan 2024 11:02:56 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1010768330327728&correlator=166431879310914&eid=31079958%2C31079783%2C21065724&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&iu_parts=85042905%2Cgq%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C970x90%7C970x150%7C1190x250&ifi=8&didk=557148463&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D7578e3e765b282b5%3AT%3D1704276175%3ART%3D1704276175%3AS%3DALNI_MYs4CQJE547s6oPP6TH0tNWcVpOeQ&gpic=UID%3D00000d362729911d%3AT%3D1704276175%3ART%3D1704276175%3AS%3DALNI_MbbSW8Z4owWHaJ6d4r79DwM8qCm9g&abxe=1&dt=1704276176903&lmt=1704276176&adxs=200&adys=1151&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgq.globo.com%2F&vis=1&psz=1200x0&msz=1200x0&fws=4&ohw=1200&psts=AOrYGskSnMmir6GegA6RxewUv4wCPx58l9Ks84Lu3He_6ljp4DLMfrS5Dw1nrFgeK1fdATddb3zbu65hKdWR8AEM9AtO-w%2CAOrYGslvxTgclh6FtyUs3kLmSVjce8RlpwCiFgSH7zqb60Yb17HA_8vpQWoDhDvx8qdlJdU2s0ncaiNqizNYxdX8-RKzuw%2CAOrYGslx4y9YqyoAz-tlGeLWcQuEz4wCU_KkA-t9x5DlJ4F8o85Y6EFqsjCBwjrcwEwM0kzHlAqomq1-4pvtee_Ln54sjw%2CAOrYGslkbpkhXyz64uPSRhvgnTZzP3tNOwyvim7ESQWy4wPUuoZ8VYZ6arrkzDNgtiqNmayAVPTGppHe-K1hYTvlXXu0wA%2CAOrYGslzIKJl3diLP2iMyGz31SqjDOpHeFm2Xmq50PvV4zFq1BgzFzGsUQBUXa_wxRoP2XVMBRqujFcaZhc7npkDXgf6og%2CAOrYGsl9zDC6uhAc4CDnmyzb2KfYFW-45LkfDPwORIIV7qEvzImqONEVN7eDccxWL5HqoqpKno5F1RnCqaDoosYfRIFMqA%2CAOrYGskLWb6lalpYdwFSHgJsq_mIlm071y8XUHu4mkilfQJ45OXox4QO0jpRdsKCEPi2XfsTdWsdId4LjUpsrOviLbqTYQ&ga_vid=320781341.1704276175&ga_sid=1704276175&ga_hid=376958401&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYidSa9swxSABSAghkEjsKCnB1YmNpZC5vcmcSJDRlYjgzNDg0LTdmMmMtNDg4NS1hNjRjLWYyMDY4Y2FhYjkwYhiW25r2zDFIABIdCg5lc3AuY3JpdGVvLmNvbRiJ1Jr2zDFIAFICCGQSrgEKCHJ0YmhvdXNlEpgBcnRoclJCSmhTZ0NIQ3A4d1NRTXpvTm1iSFZJZ05uMlhmcTN1OHlodloxZThpWVh1ZmF4NmNNNU5wcWtYTXU1bUxPZlBXWi9ienNHbFdtTkdzQ0JNSkl3Z0FWdTloWStVMTNlWEM3WEowNTdTdllRNkw3TWkvSFV6NHcwUkxRS2NiSVY4WUdncFlyQWZiU29mUU1tdS9RPT0Y8N2a9swxSAASGQoKdWlkYXBpLmNvbRii35r2zDFIAFICCG0SPgoFb3BlbngSLGV5SnBJam9pUm1aelJrVTVPSGhVYVVNeVZtVk9RWFJxTTBsUlVUMDlJbjA9GKnemvbMMUgAEhsKDGlkNS1zeW5jLmNvbRiP25r2zDFIAFICCGo.&cbidsp=CtgDCAESFQoGY3JpdGVvEJMBIAJSBmNyaXRlbxLEAQoHcnViaWNvbhDGAhqqAQoPNTU5MGFhZDlhZjk0Yzc1EOC2DRoDVVNEIgloYl9iaWRkZXIiB2hiX2FkaWQiBWhiX3BiIgdoYl9zaXplIgloYl9mb3JtYXQiEWhiX2JpZGRlcl9ydWJpY29uIg9oYl9hZGlkX3J1Ymljb24iDWhiX3BiX3J1Ymljb24iD2hiX3NpemVfcnViaWNvbiIRaGJfZm9ybWF0X3J1Ymljb24oAToGCMoHEPoBIAFSB3J1Ymljb24SIwoNc21hcnRhZHNlcnZlchC7ASACUg1zbWFydGFkc2VydmVyEpQBCgdzZWVkdGFnEOoCGnsKDzU2ZDVlOWUxZjViODMxZRD8wAYaA1VTRCIRaGJfYmlkZGVyX3NlZWR0YWciD2hiX2FkaWRfc2VlZHRhZyINaGJfcGJfc2VlZHRhZyIPaGJfc2l6ZV9zZWVkdGFnIhFoYl9mb3JtYXRfc2VlZHRhZygBOgYIygcQ-gEgAVIHc2VlZHRhZxgCIiQ5ZWE4YjY3Mi1jMjFmLTRlOWItOTI4Mi0xZjdhYjdlMzA2ZmQqBAgDIAAyB3Y4LjIzLjBArBtKAA..&dlt=1704276172959&idt=1049&prev_scp=Editora.pos%3DMiddle%26rc%3Dpub-super-2_0%26hb_format_seedtag%3Dbanner%26hb_size_seedtag%3D970x250%26hb_pb_seedtag%3D0.10%26hb_adid_seedtag%3D56d5e9e1f5b831e%26hb_bidder_seedtag%3Dseedtag%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D970x250%26hb_pb_rubicon%3D0.22%26hb_adid_rubicon%3D5590aad9af94c75%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.22%26hb_adid%3D5590aad9af94c75%26hb_bidder%3Drubicon&cust_params=ambient%3D%26tipo_pagina%3Dhome%26editora.random%3D7%26Editora.url%3D%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3Dfbd0f326-52ee-4f0d-825d-9e84db33a0ca%26permutive%3D%26permutive-id%3D%26ptime%3D1704276174376%26prmtvvid%3D%26prmtvwid%3D&adks=3687126344&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9befdc12d53f6746e5f6b97072109af0ec9c71bdd6517cc5199c2b1d295d616
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12908
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
selected-alternatives
globo-ab.globo.com/v2/ 		294 B
812 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://globo-ab.globo.com/v2/selected-alternatives?experiments=player-isolated-experiment-02&skipImpressions=true
Requested by
Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.95.229.88 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
88.229.95.34.bc.googleusercontent.com
Software
/
Resource Hash
2da752fd10206a04902212cfbc3acb1d38d0fe932d1f43e3e223226b8375b550
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
strict-transport-security
max-age=300; includeSubDomains
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://gq.globo.com
access-control-allow-credentials
true
trace-id
bb446cf284bcef18
access-control-allow-headers
user,User-Agent,Content-Type,GLBUID,GLBID,GLBEXP,x-client-user-agent,x-client-version,x-device-id,x-platform-id,x-canonical-uri,GLOBO_ID
p1.js
p1cluster.cxense.com/ Frame 8D2B 		47 B
636 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0037.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
f42d8c0362c15ec6f6891165e8b651e3551b76e79370a96be2eb2f47615de7aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
last-modified
Mon, 03 Jul 2023 10:02:56 GMT
server
Jetty(9.4.28.v20200408)
etag
1z3zl7v2fe5oy3b0v0u9qubap5
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript;charset=utf-8
cache-control
private, proxy-revalidate
content-length
47
expires
Fri, 03 Jan 2025 10:02:56 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP5C9ZV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 03 Jan 2024 09:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
879
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 03 Jan 2024 11:48:17 GMT
destination
www.googletagmanager.com/gtag/ 		244 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-1ZN2PMPQGQ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP5C9ZV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
528b007d1713e20b372c2ee06521928a650fcc1a5c928c9c7468d02e341e248f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86184
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 03 Jan 2024 10:02:56 GMT
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ Frame C831 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@300&family=PT+Serif&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 22:01:04 GMT
x-content-type-options
nosniff
age
302512
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33116
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:52:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Dec 2024 22:01:04 GMT
truncated
/ Frame C831 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
/
usergate.globo.com/ 		29 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://usergate.globo.com/
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.198.44.170 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.44.198.35.bc.googleusercontent.com
Software
/
Resource Hash
e8c872529db6f1ed7ac99e51dac39635392e75f033bd4ad1f99ffa63c6282228

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://gq.globo.com
access-control-allow-credentials
true
access-control-allow-headers
User-Agent,Content-Type,Cookie,X-App,GLBID,GST
d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/ 		1 MB
295 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/dmp/dmp.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:29aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25e74bc5bb422e694c46b0a0dbe5e34b7489560790b80c6467a539ae8b0fd458

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
d39f98ec-9259-4f8b-896d-7ab58be1f900
age
0
x-guploader-uploadid
ABPtcPoOy-0OYDEM5F4pO3Qn7VCQLASgtONiy1xx4aG9fjCsgO37nkwgzMBeJ3XrOZaym3uAqkrVBHF5Vw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
content-length
301237
last-modified
Mon, 01 Jan 2024 17:22:10 GMT
server
cloudflare
etag
"fa7016124edc5340400e23051e1b5bcd"
vary
Accept-Encoding
x-goog-generation
1704129730058922
content-type
application/javascript
x-goog-hash
crc32c=KSy6mw==, md5=+nAWEk7cU0BADiMFHhtbzQ==
cache-control
public, max-age=900
x-goog-stored-content-length
301237
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68ba8ec34d58-FRA
expires
Wed, 03 Jan 2024 10:17:57 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gq.globo.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1ZN2PMPQGQ&gtm=45je3bt0v884047758z8893114496&_p=1704276175390&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=320781341.1704276175&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704276177&sct=1&seg=0&dl=https%3A%2F%2Fgq.globo.com%2F&dt=GQ%20%7C%20Seu%20Guia%20de%20Moda%20Masculina%2C%20Cultura%20e%20Lifestyle&en=piano_event&_fv=1&_ss=1&ep.page=%2F&ep.event_category=Piano&ep.event_action=Mobiliario%20Footer&ep.event_label=eg_gq_footer_pulseira&ep.counting_status=01&ep.piano_experience=%20%3A%201&tfd=5732
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-1ZN2PMPQGQ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rep.gif
comcluster.cxense.com/Repo/ Frame 8D2B 		43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.44&typ=pgv&rnd=lqxm15ybyyzqo2vf&sid=4756157261768221469&loc=https%3A%2F%2Fgq.globo.com%2F&new=1&arf=0&ltm=1704276176817&ref=&tzo=-60&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=lqxm16952gwvfzva&ckp=lqxm15ybpl823pq0&glb=&cp_userState=anon&cst=1z3zl7v2fe5oy3b0v0u9qubap5
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0037.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Wed, 03 Jan 2024 10:02:57 GMT
server
Jetty(9.4.28.v20200408)
content-length
43
content-type
image/gif
req
cdn.navdmp.com/ 		6 B
77 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=13ea4896ef7732cad2cfe4c1d910&acc=13574&url=https%3A//gq.globo.com/&tit=GQ%20%7C%20Seu%20Guia%20de%20Moda%20Masculina%2C%20Cultura%20e%20Lifestyle
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83fa68ba9fac2bd7-FRA
content-length
6
content-type
application/x-javascript
usermatch.gif
beacon.krxd.net/ 		0
337 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=13ea4896ef7732cad2cfe4c1d910
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.241.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-241-48.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-served-by
beacon-n024-dub-prod.krxd.net
date
Wed, 03 Jan 2024 10:02:57 GMT
cache-control
private, no-cache, no-store
x-request-time
D=47 t=1704276177
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
id
id.cxense.com/public/user/ 		102 B
673 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lqxm15ybpl823pq0%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%221z3zl7v2fe5oy3b0v0u9qubap5%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%221z3zl7v2fe5oy3b0v0u9qubap5%22%7D%5D%2C%22siteId%22%3A%224756157261768221469%22%2C%22location%22%3A%22https%3A%2F%2Fgq.globo.com%2F%22%7D&callback=cXJsonpCB1
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0037.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
9e4be079d0ef930f299a9b5da6770250f0891de375c039496e80cbc5f7a41575
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:57 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
102
expires
Mon, 26 Jul 1997 05:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1010768330327728&correlator=2982111969893534&eid=31079958%2C31079783%2C21065724&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&iu_parts=85042905%2Cgq%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90%7C970x250%7C1190x250%7C970x150&ifi=9&didk=557148460&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D7578e3e765b282b5%3AT%3D1704276175%3ART%3D1704276175%3AS%3DALNI_MYs4CQJE547s6oPP6TH0tNWcVpOeQ&gpic=UID%3D00000d362729911d%3AT%3D1704276175%3ART%3D1704276175%3AS%3DALNI_MbbSW8Z4owWHaJ6d4r79DwM8qCm9g&abxe=1&dt=1704276177049&lmt=1704276177&adxs=200&adys=2035&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgq.globo.com%2F&vis=1&psz=1200x0&msz=1200x0&fws=4&ohw=1200&psts=AOrYGskSnMmir6GegA6RxewUv4wCPx58l9Ks84Lu3He_6ljp4DLMfrS5Dw1nrFgeK1fdATddb3zbu65hKdWR8AEM9AtO-w%2CAOrYGslvxTgclh6FtyUs3kLmSVjce8RlpwCiFgSH7zqb60Yb17HA_8vpQWoDhDvx8qdlJdU2s0ncaiNqizNYxdX8-RKzuw%2CAOrYGslx4y9YqyoAz-tlGeLWcQuEz4wCU_KkA-t9x5DlJ4F8o85Y6EFqsjCBwjrcwEwM0kzHlAqomq1-4pvtee_Ln54sjw%2CAOrYGslkbpkhXyz64uPSRhvgnTZzP3tNOwyvim7ESQWy4wPUuoZ8VYZ6arrkzDNgtiqNmayAVPTGppHe-K1hYTvlXXu0wA%2CAOrYGslzIKJl3diLP2iMyGz31SqjDOpHeFm2Xmq50PvV4zFq1BgzFzGsUQBUXa_wxRoP2XVMBRqujFcaZhc7npkDXgf6og%2CAOrYGsl9zDC6uhAc4CDnmyzb2KfYFW-45LkfDPwORIIV7qEvzImqONEVN7eDccxWL5HqoqpKno5F1RnCqaDoosYfRIFMqA%2CAOrYGskLWb6lalpYdwFSHgJsq_mIlm071y8XUHu4mkilfQJ45OXox4QO0jpRdsKCEPi2XfsTdWsdId4LjUpsrOviLbqTYQ&ga_vid=320781341.1704276175&ga_sid=1704276175&ga_hid=376958401&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYidSa9swxSABSAghkEjsKCnB1YmNpZC5vcmcSJDRlYjgzNDg0LTdmMmMtNDg4NS1hNjRjLWYyMDY4Y2FhYjkwYhiW25r2zDFIABIdCg5lc3AuY3JpdGVvLmNvbRiJ1Jr2zDFIAFICCGQSrgEKCHJ0YmhvdXNlEpgBcnRoclJCSmhTZ0NIQ3A4d1NRTXpvTm1iSFZJZ05uMlhmcTN1OHlodloxZThpWVh1ZmF4NmNNNU5wcWtYTXU1bUxPZlBXWi9ienNHbFdtTkdzQ0JNSkl3Z0FWdTloWStVMTNlWEM3WEowNTdTdllRNkw3TWkvSFV6NHcwUkxRS2NiSVY4WUdncFlyQWZiU29mUU1tdS9RPT0Y8N2a9swxSAASGQoKdWlkYXBpLmNvbRii35r2zDFIAFICCG0SPgoFb3BlbngSLGV5SnBJam9pUm1aelJrVTVPSGhVYVVNeVZtVk9RWFJxTTBsUlVUMDlJbjA9GKnemvbMMUgAEhsKDGlkNS1zeW5jLmNvbRiP25r2zDFIAFICCGo.&cbidsp=CtgDCAESlAEKB3NlZWR0YWcQ_AMaewoPNTljNGZkMTZhYjc3NGM0EJm9BhoDVVNEIhFoYl9iaWRkZXJfc2VlZHRhZyIPaGJfYWRpZF9zZWVkdGFnIg1oYl9wYl9zZWVkdGFnIg9oYl9zaXplX3NlZWR0YWciEWhiX2Zvcm1hdF9zZWVkdGFnKAE6BgjKBxD6ASABUgdzZWVkdGFnEiMKDXNtYXJ0YWRzZXJ2ZXIQuAEgAlINc21hcnRhZHNlcnZlchIVCgZjcml0ZW8QjgEgAlIGY3JpdGVvEsQBCgdydWJpY29uEK8CGqoBCg81MzYwZjNmMzVjYTBhZmYQkKEPGgNVU0QiCWhiX2JpZGRlciIHaGJfYWRpZCIFaGJfcGIiB2hiX3NpemUiCWhiX2Zvcm1hdCIRaGJfYmlkZGVyX3J1Ymljb24iD2hiX2FkaWRfcnViaWNvbiINaGJfcGJfcnViaWNvbiIPaGJfc2l6ZV9ydWJpY29uIhFoYl9mb3JtYXRfcnViaWNvbigBOgYIygcQ-gEgAVIHcnViaWNvbhgCIiQwODhlOThkMi01NGY1LTQzMmItOGYzNi0yOWQ5ZWRjMGM2YTIqBAgDIAAyB3Y4LjIzLjBArBtKAA..&dlt=1704276172959&idt=1049&prev_scp=Editora.pos%3DBottom%26rc%3Dpub-super-3_0%26hb_format_seedtag%3Dbanner%26hb_size_seedtag%3D970x250%26hb_pb_seedtag%3D0.10%26hb_adid_seedtag%3D59c4fd16ab774c4%26hb_bidder_seedtag%3Dseedtag%26hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D970x250%26hb_pb_rubicon%3D0.25%26hb_adid_rubicon%3D5360f3f35ca0aff%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.25%26hb_adid%3D5360f3f35ca0aff%26hb_bidder%3Drubicon&cust_params=ambient%3D%26tipo_pagina%3Dhome%26editora.random%3D7%26Editora.url%3D%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3Dfbd0f326-52ee-4f0d-825d-9e84db33a0ca%26permutive%3D%26permutive-id%3D%26ptime%3D1704276174376%26prmtvvid%3D%26prmtvwid%3D&adks=4269423136&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95a1096efa3a283ffce06c47df2e1e4133dc412aeef5412f3cd1ce0638bc0f07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12919
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
req
cdn.navdmp.com/ 		6 B
57 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=13ea4818f24f9d44fabfba593010&acc=46169&tit=GQ%20%7C%20Seu%20Guia%20de%20Moda%20Masculina%2C%20Cultura%20e%20Lifestyle
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm46169.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83fa68ba9fb12bd7-FRA
content-length
6
content-type
application/x-javascript
publisher:getClientId
ampcid.google.de/v1/ 		3 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gq.globo.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 8858 		126 KB
78 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXBN3JU1X6S&templateVariantId=OTV7FL03Y07YO&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_313a6f42f33c817b2470-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d223768c8c211c108349645cb062a9dcdb5456e9abc8c6a36eb06366db6fbd5a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXBN3JU1X6S&templateVariantId=OTV7FL03Y07YO&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_313a6f42f33c817b2470-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
2331
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:16:48 GMT
wn
prod-dash-10-0-93-48
server
cloudflare
etag
W/"128533-1702570608000"
vary
Accept-Encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
83fa68bacee6916e-FRA
expires
Wed, 03 Jan 2024 12:02:57 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 8858 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXBN3JU1X6S&templateVariantId=OTV7FL03Y07YO&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_313a6f42f33c817b2470-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1694692
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFSeC2G5KZvPoFm9UYtUqnEG%2FmUWCumzaEXK3CVWeT6r2niPM9rXdRops%2FHZQKjyjHMiB2Tz2hAQzJUykMO3qK2OZmJwqOBkrFBH3g%2BaZAqoI2KzdEkc5tuKNICJ0GITGLoTYzm0KI2m0LuvLZLatB5C"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68bade971c9f-FRA
expires
Mon, 23 Dec 2024 10:02:57 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 8858 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXBN3JU1X6S&templateVariantId=OTV7FL03Y07YO&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_313a6f42f33c817b2470-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2216032
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KH7lu1sUcfGnXprK0x30nrRLCF6ZbyQ8pDeNqkPWe76VHT%2FX2U1cQN2YYXhSxsf0fWgchQ%2FYzR0DyPUK9R5TwSCTm5AMGFLvDv5RpyK5KlxJZqRFE5%2FqS4AFexLOIJMyOqKIcff7t%2F%2FmLhcHwofndjaV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68bade9c1c9f-FRA
expires
Mon, 23 Dec 2024 10:02:57 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 8858 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXBN3JU1X6S&templateVariantId=OTV7FL03Y07YO&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_313a6f42f33c817b2470-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2963427
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SebAcSSmikJbDAs5RpKrVg5WWXgCMiMy8yyEPjrrXNHw6iu1I7sM%2BhI0UEAk5JKfOIfJU7SCTQg3vhjEdMdV%2FcOy280plEiKqk7NuS9BMVYepciro4VU%2Fn5EBYzorSuHDVOZgFqx7Qxafx9jIeA0hxe3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68bade9d1c9f-FRA
expires
Mon, 23 Dec 2024 10:02:57 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 8858 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXBN3JU1X6S&templateVariantId=OTV7FL03Y07YO&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_313a6f42f33c817b2470-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2218023
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYSmR%2FIOQTvO26Lh1VsCLxbqveD3EWZArsKjz9PAqzeH6oBBih%2FFWhsZhII72bbXQ6UbWwt8tsnnZNGXYuXMZ8fjJw8JHt1dIihkZSIBeBiUjfnyF9yWkDvkHbU3bKu%2Bmjzt2M2R87Of%2BXw2ONjoljAL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68bade9f1c9f-FRA
expires
Mon, 23 Dec 2024 10:02:57 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 8858 		825 B
732 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXBN3JU1X6S&templateVariantId=OTV7FL03Y07YO&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_313a6f42f33c817b2470-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1167352
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66jaaDrgaxgSi6Dm7nJXrl7Wk9O54bSFcgo4Nq1yoTLXTUKzhqWKgVby4aBFzHW%2Bz2poj%2BvFkgnGsdqP0YOCjeTfDKXv2qrWBhdPJh2BnsHkr5FXDUANPMmjQ6ktv6gn9RZ6N56WcNTtiLFBwBCvddFr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68badea01c9f-FRA
expires
Mon, 23 Dec 2024 10:02:57 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 8858 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXBN3JU1X6S&templateVariantId=OTV7FL03Y07YO&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_313a6f42f33c817b2470-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2881421
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6B9qnxOZQ7G9G2HK922mUiZncNsS0B039v%2FPg3NABd25Tu2HmmFmQX9v4BluJZzK7QvoR4usTTzqMnWv3B%2FL8UbuhVZ0z%2F5bK1sS16FGD3Hawn00GP9C2WQ2eUBTjShUsdzqnV7g%2BNCJfHpOqnx6A2%2FZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68badea11c9f-FRA
expires
Mon, 23 Dec 2024 10:02:57 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 8858 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXBN3JU1X6S&templateVariantId=OTV7FL03Y07YO&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_313a6f42f33c817b2470-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2869037
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MyFrAw5J7L%2Fg3dXuMUKQOEmqrk2E8GKGY81twgljggptkfJBQJYhELE716R3uc%2FZpux9PmBlfMSGzVjDzTrIpoCh%2Ftdt1QKW0EqeeIGKhxoeEksnmNVEoYqpxT7gMluolwg4Sp74aZRZBMkNNC2VoXcW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68badea31c9f-FRA
expires
Mon, 23 Dec 2024 10:02:57 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 8858 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXBN3JU1X6S&templateVariantId=OTV7FL03Y07YO&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_313a6f42f33c817b2470-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2875784
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CyZLd1RUOx3Ejmqo59QxTO2EsjkZpBiX0shUGiuk8zkeKzJ7%2BaRGYAz5cogDsNjgQtm%2BOphE%2Fuh5OUH4R6I8dD77hK0m61NnqE%2FUcrBOmUtozSs3Bc9WN2WoDvUXgs14aoWSs3Ve9NpG8DUmwovZGY0m"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68badea41c9f-FRA
expires
Mon, 23 Dec 2024 10:02:57 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 8858 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXBN3JU1X6S&templateVariantId=OTV7FL03Y07YO&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_313a6f42f33c817b2470-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4263111
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBV1W08ibtyPfK2%2FlFdJZfG5IxuGZnNDRKOpedMLmMRPCNcqoBsR0k0A7uoQBZDr%2BSZP%2BzAqH1K16zeIixTQ4YTNxpMnmf%2B4NjyGEBvuYexMMuN0i5on0KA8J0SuoctGDwb6EIDPPhjxJaQjkG6PCk63"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68badea61c9f-FRA
expires
Mon, 23 Dec 2024 10:02:57 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 8858 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXBN3JU1X6S&templateVariantId=OTV7FL03Y07YO&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_313a6f42f33c817b2470-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2971543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wnAzfH7OmEwQYzMf6zIe70cajDYl%2FctiepVZnvKQFnen3bR%2FiKVmUvGpyFGNy9ZtKfGPAg4p5PmNvtRToZulCiBT0SIifZo67lv7pX2XIXfpC%2BjV6Zht8I1FgVhPgfqSzEPRBaVg3RbCRZX4tCn6FsE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68badea71c9f-FRA
expires
Mon, 23 Dec 2024 10:02:57 GMT
loadTranslationMap
buy.tinypass.com/showtemplate/general/ Frame 8858 		33 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=VnaP3rYVKc&version=1568388702000&language=en_US
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXBN3JU1X6S&templateVariantId=OTV7FL03Y07YO&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_313a6f42f33c817b2470-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f7b1b54c22724cc22a0a1770ea37a5bccb8564c2bfea871fbb6e726de85ddb0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXBN3JU1X6S&templateVariantId=OTV7FL03Y07YO&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_313a6f42f33c817b2470-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Mxwjo6sB8TL
pragma
wn
prod-dash-10-0-95-41
server
cloudflare
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
server-time
0.002
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
83fa68badee9916e-FRA
expires
Thu, 4 Jan 2024 05:02:57 EST
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame 8858 		67 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=16.84.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXBN3JU1X6S&templateVariantId=OTV7FL03Y07YO&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_313a6f42f33c817b2470-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2b6a09251dfdb96bb8a73aeabee416131dfe2a4410bccfaa2f4d089a6642051
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXBN3JU1X6S&templateVariantId=OTV7FL03Y07YO&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_313a6f42f33c817b2470-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
5634
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 17:34:20 GMT
wn
prod-dash-10-0-131-180
server
cloudflare
etag
W/"68959-1703180060000"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
server-time
0.000
cache-control
public, max-age=86400
cf-ray
83fa68badeec916e-FRA
expires
Thu, 04 Jan 2024 10:02:57 GMT
H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 8858 		121 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=16.84.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXBN3JU1X6S&templateVariantId=OTV7FL03Y07YO&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_313a6f42f33c817b2470-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9a88d548488330c2fdc31dd655203aa0044b8d954b0e1665e09b58965e52bf7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXBN3JU1X6S&templateVariantId=OTV7FL03Y07YO&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_313a6f42f33c817b2470-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
3451
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 17:46:28 GMT
wn
prod-dash-10-0-122-206
server
cloudflare
optimized-by
_sam
vary
Accept-Encoding
content-type
text/javascript
server-time
0.001
cache-control
public, max-age=601349
cf-ray
83fa68badeee916e-FRA
expires
Wed, 10 Jan 2024 09:05:26 GMT
css2
fonts.googleapis.com/ Frame 8858 		3 KB
652 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:wght@300&family=PT+Serif&display=swap
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXBN3JU1X6S&templateVariantId=OTV7FL03Y07YO&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_313a6f42f33c817b2470-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
216c8994eeb343b3588f234794df0cca8958d6c72b01b510b4156bc2d03a3840
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 10:02:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Jan 2024 10:02:57 GMT
style.css
buy.tinypass.com/checkout/template/ Frame 8858 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/checkout/template/style.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXBN3JU1X6S&templateVariantId=OTV7FL03Y07YO&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_313a6f42f33c817b2470-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXBN3JU1X6S&templateVariantId=OTV7FL03Y07YO&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_313a6f42f33c817b2470-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
vary
accept-encoding
content-type
text/html
cache-control
public, max-age=1200
cf-ray
83fa68badeef916e-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 03 Jan 2024 10:22:57 GMT
pxid
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co/v2.0/ 		46 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co/v2.0/pxid?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
24a671a8627b964ca6d1f8856204d86784f1dd59c230d1606e653e7af3c45653

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://gq.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		29 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
8edd53767a5f64b92be33f2ecd85ff0873d98854bf380b0cdb12eb27171da81a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:57 GMT
an-x-request-uuid
0d476964-a272-449c-8c58-cabcf2b5112d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gq.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.117.76; 146.70.117.76; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
29
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 1028 		126 KB
78 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d223768c8c211c108349645cb062a9dcdb5456e9abc8c6a36eb06366db6fbd5a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
2331
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 14 Dec 2023 16:16:48 GMT
wn
prod-dash-10-0-93-48
server
cloudflare
etag
W/"128533-1702570608000"
vary
Accept-Encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=7200
cf-ray
83fa68bb2f4c916e-FRA
expires
Wed, 03 Jan 2024 12:02:57 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 1028 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
709754
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30360
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gv9ksskVkZ5wl3RVz%2FtdFqiylAYeX2BurgQkQR1OqoBUSZlAxQ0Tb5kDmJjJv8fo0rhAEuZJe5QQ69C0eI1bFT9qz80MWLdX0vWH7q5zTS1CeOR%2FxLdcgjgPc71sYFjtCEu9FtB8bPfdbaZSLrwpOiay"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68bb28ab9c10-FRA
expires
Mon, 23 Dec 2024 10:02:57 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 1028 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4604684
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wb%2BgAhMA6ahPEFwWyr7a2nt9hKPBeORvKg%2FGlbPgfBQaHFFQFWb6j3goY5ct3UTMoFGUqQ4HlhfAOHsO8jbMYNsdN0HF49bco2rgHEeMPXzwYirRURAQG7sOPGwyRa6%2BryfUXbuIHFWVWndN83Hxx%2Fiw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68bb28ac9c10-FRA
expires
Mon, 23 Dec 2024 10:02:57 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 1028 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2952893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6X2hMAJuR8vL3jPyRvzbh7KEmR2EIwIUZKYFau0bxLL5F6GNvDV4aeCJnkJPVrN%2B6ymA%2B5478GoiKNhygs2tw2M4NfovnFYZmNAimoUyt9%2B%2BZHlkd0%2FB9MdwqjbM5BXonjK0bfSFWnEMf3uYjKQlI%2BUO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68bb28ad9c10-FRA
expires
Mon, 23 Dec 2024 10:02:57 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 1028 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4605362
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3978
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-2bd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cdb00fh3L47MexDggjSv2dGEnnZEitKcBOCk%2BXjDGdw7i9qcOqYtJxQnJq8NaPowGf%2FVNS9PDVRy66CoV81OfsthYogzUKYF4dlZbIf0fQgz5oMtjZuJ0IqLVMGCPW%2BTMin3R8RCr9P5rjgM%2FsIaPGI4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68bb28ae9c10-FRA
expires
Mon, 23 Dec 2024 10:02:57 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 1028 		825 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2966254
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
434
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGHQRU30VTC0zHODX6Y7FmeCqD4Eiai3Z2wilUWHvSiVKf0Lbt6sIVzaAwqe5%2FokJwEhzPDctQB%2ByR0q3zASubX6OdgnYcBxK4GSpQ%2B%2B65lMvpZoXWVRltR%2BnJB4Q4oL94TrnYzHFHKr9u1y%2Fbhot%2BDh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68bb28af9c10-FRA
expires
Mon, 23 Dec 2024 10:02:57 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 1028 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1794105
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2BnzqoAJ16omtUjNC7j5cw04vq5Ot9U1oksIQhANGnOgEL%2BWqGecM7CNKahB7LJixCWJzDJUxyBEmbBmGi4Zcy2vJ2V1uL9mzZKfhYsAe3eJP0f2eoa%2BTYbfqAr9lS6tIQYYDgvAQTYII%2BJVTe74fzs2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68bb28b19c10-FRA
expires
Mon, 23 Dec 2024 10:02:57 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 1028 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2959936
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6OYB2JwXb2mtkGTjltCK993VkxoeGx%2BPubqp3SGQvesdqqNBL9yXuelV%2F0UAahHHBpx%2FcRjg4EnRfMfwTjix6P8fK7%2BkwM4LngbcpveAsjqxBy%2BaK8rmK9T%2FjPI%2FM5v2Ea%2Fs%2F2Nt4aVoDNUCV0OAKHo0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68bb28b29c10-FRA
expires
Mon, 23 Dec 2024 10:02:57 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 1028 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3124859
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ayA3%2BYbPo1vCw4bAYkvnB1%2FzTE8IzZS33JdPygvytolDnk6L6nGWpAR8wOWQHm2pBhHmqihyzhVFKRiLU7saqrbPTdwNpDnid3%2BdPRtT90aoViP8ppRceiWUz6MxUBvdNM2OUo%2FMIxEYn73XKOPbz5ps"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68bb28b39c10-FRA
expires
Mon, 23 Dec 2024 10:02:57 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 1028 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
159925
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
910
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-93c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJC3c4WDsjzyMtQANiyWKArcFPEBFsQoOUp9Yrk3wk4nSv90v%2FR8dT25sePCU2QR8JxcSmjMI4xhqDJ6EuJn7ybDSGyPBJTST1HFLt%2FMzDruYqq6Ow%2BkVYHS32IsQljLt%2Bq37BCK4igr5UcfUpHA8K2%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68bb28b49c10-FRA
expires
Mon, 23 Dec 2024 10:02:57 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 1028 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1773152
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6934
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-4f8f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KeRbSq0U8jEgKrMc4U7fW8mXvIraEuK%2BBP30nZfoWcvuiDdxPR0TWYBnV1e%2BTl5G0L0hJ01E%2BvPnC6Bkp9re4M9%2FXsxmmiSQwU2ZdCacXyrP5NfTo2PK9DBHcN6CNCf5OuCmSzEg5lP8Me%2F3oVGaOyix"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68bb28b59c10-FRA
expires
Mon, 23 Dec 2024 10:02:57 GMT
loadTranslationMap
buy.tinypass.com/showtemplate/general/ Frame 1028 		33 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=VnaP3rYVKc&version=1568388702000&language=en_US
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f7b1b54c22724cc22a0a1770ea37a5bccb8564c2bfea871fbb6e726de85ddb0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Mxwjo6sCe8k
pragma
wn
prod-dash-10-0-131-51
server
cloudflare
vary
accept-encoding
content-type
application/javascript;charset=UTF-8
server-time
0.001
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
83fa68bb2f50916e-FRA
expires
Thu, 4 Jan 2024 05:02:57 EST
platform-translation-map_en_US.js
buy.tinypass.com/ng/common/i18n/ Frame 1028 		67 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=16.84.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2b6a09251dfdb96bb8a73aeabee416131dfe2a4410bccfaa2f4d089a6642051
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
5634
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 17:34:20 GMT
wn
prod-dash-10-0-131-180
server
cloudflare
etag
W/"68959-1703180060000"
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
server-time
0.000
cache-control
public, max-age=86400
cf-ray
83fa68bb2f51916e-FRA
expires
Thu, 04 Jan 2024 10:02:57 GMT
H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy.tinypass.com/_sam/ Frame 1028 		121 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/_sam/H4sIAAAAAAAA_z3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=16.84.0
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9a88d548488330c2fdc31dd655203aa0044b8d954b0e1665e09b58965e52bf7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
3451
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Dec 2023 17:46:28 GMT
wn
prod-dash-10-0-122-206
server
cloudflare
optimized-by
_sam
vary
Accept-Encoding
content-type
text/javascript
server-time
0.001
cache-control
public, max-age=601349
cf-ray
83fa68bb2f53916e-FRA
expires
Wed, 10 Jan 2024 09:05:26 GMT
css2
fonts.googleapis.com/ Frame 1028 		23 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;700&display=swap
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
223e97d3bb390ff95ac0ad68e06b3daf0eedc98943c49f54a3a262dc50f53280
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 10:00:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Jan 2024 10:02:57 GMT
css2
fonts.googleapis.com/ Frame 1028 		1 KB
449 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@300&display=swap
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a2e27abb6b7eb21d99d37021c1100f2c6fdbc12eff318e61392211381bcf95af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 09:24:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Jan 2024 10:02:57 GMT
style.css
buy.tinypass.com/ Frame 1028 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/style.css
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
vary
accept-encoding
content-type
text/html
cache-control
public, max-age=1200
cf-ray
83fa68bb2f55916e-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 03 Jan 2024 10:22:57 GMT
close.png
s3.glbimg.com/v1/AUTH_3426e47ed6784b729ddc152696060e4c/Barreiras/ Frame 1028 		210 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_3426e47ed6784b729ddc152696060e4c/Barreiras/close.png
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
1d00ab80903ea23ebb7a0ba54d171d39a76c6adf2f2710d454e9a33a8456e1f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
x-openstack-request-id
txe6122f581e8d4ef9abda3-00659530a8
last-modified
Mon, 13 Sep 2021 17:14:07 GMT
x-thanos
0AB54009
etag
f4b34f13635462633664e34911bd1fce
vary
Accept-Encoding, Origin
content-type
image/png
x-timestamp
1631553246.32720
cache-control
public, max-age=180
accept-ranges
bytes
content-length
210
x-trans-id
txe6122f581e8d4ef9abda3-00659530a8
x-request-id
2dfae697-7d87-4634-9222-8b63989c00ad
gq-naobarreira-desk.gif
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/mobiliario_revistas/00_atual/gq/ Frame 1028 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/mobiliario_revistas/00_atual/gq/gq-naobarreira-desk.gif
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
a4f898c86b3afdc277ff3d2af3640e01239a5fe8c1d481cb6fd0e34bb3e225f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
x-openstack-request-id
txc63e1b4aac054dd7b84a4-0065953038
last-modified
Mon, 04 Dec 2023 14:43:12 GMT
x-thanos
0AB54009
etag
f52dd9d41a1ed7a31f288e1b541c993f
vary
Accept-Encoding, Origin
content-type
image/gif
x-timestamp
1701700991.67626
cache-control
public, max-age=180
accept-ranges
bytes
content-length
52547
x-trans-id
txc63e1b4aac054dd7b84a4-0065953038
x-request-id
d1e779d4-b383-4b8d-a73d-01de74e45cc3
gq-naobarreira-mob.gif
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/mobiliario_revistas/00_atual/gq/ Frame 1028 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/mobiliario_revistas/00_atual/gq/gq-naobarreira-mob.gif
Requested by
Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OTXIPPKM8BJB&templateVariantId=OTV098W6UU76K&offerId=fakeOfferId&experienceId=EXBLRY5MIHAD&iframeId=offer_828cb449f6dc25edefce-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
19f7146cb68a9d8a25baa06a5aa87742aa1126df4eed16a75798436d61138118

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.tinypass.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
x-openstack-request-id
tx66fbdf4c1bf74d839aa12-0065953038
last-modified
Mon, 04 Dec 2023 14:43:11 GMT
x-thanos
0AB54009
etag
6e29b81ea33850ae7f0288abbb1dc829
vary
Accept-Encoding, Origin
content-type
image/gif
x-timestamp
1701700990.77954
cache-control
public, max-age=180
accept-ranges
bytes
content-length
24444
x-trans-id
tx66fbdf4c1bf74d839aa12-0065953038
x-request-id
03cd1191-e61d-4113-8eef-d869f880d6ba
a2d0012f-e0ba-499a-a21f-1e80bcab0a1b
https://gq.globo.com/ 		890 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://gq.globo.com/a2d0012f-e0ba-499a-a21f-1e80bcab0a1b
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adfb1ea6d98241db3c29f5ba2259616477b5d2ca909044c08b97ea8b16ab91c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
911352
Content-Type
collect
www.google-analytics.com/j/ 		3 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=376958401&t=event&ni=1&_s=1&dl=https%3A%2F%2Fgq.globo.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=GQ%20%7C%20Seu%20Guia%20de%20Moda%20Masculina%2C%20Cultura%20e%20Lifestyle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Mobiliario%20Footer&el=eg_gq_footer_pulseira&_u=YCDAgEABAAQCACAEK~&jid=694727920&gjid=1569014175&cid=320781341.1704276175&tid=UA-21942769-1&_gid=1190835761.1704276177&_slc=1&gtm=45He3bt0n81WP5C9ZVv893114496&cd2=home%20-%20&cd6=&cd7=&cd8=&cd9=&cd10=&cd11=&cd12=GQBS&cd13=&cd14=&cd15=&cd16=&cd17=&cd18=&cd22=%2F&cd49=&cd53=01&cd55=01&cd56=%20%3A%201&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd5=320781341.1704276175&z=46383027
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-21942769-1&cid=320781341.1704276175&jid=694727920&gjid=1569014175&_gid=1190835761.1704276177&_u=YCDAgEABAAQCAGAEK~&z=667675302
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 03 Jan 2024 10:02:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
89dbb0f0-7faa-4b36-997f-00531a107f0b
https://gq.globo.com/ 		890 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://gq.globo.com/89dbb0f0-7faa-4b36-997f-00531a107f0b
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adfb1ea6d98241db3c29f5ba2259616477b5d2ca909044c08b97ea8b16ab91c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
911352
Content-Type
geoip
api.permutive.com/v2.0/ 		246 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
f0a83b6becd906b85b94429b38e4a2211ee929a9b51cbb262328cb7b89c926c3

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://gq.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168
d39f98ec-9259-4f8b-896d-7ab58be1f900-models.bin
cdn.permutive.com/models/v2/ 		347 KB
244 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/d39f98ec-9259-4f8b-896d-7ab58be1f900-models.bin
Requested by
Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7611 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf60f3e825f33bb67b35b00ecafbb30e525e4abd4906b70b4c19f9a894c8373

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-goog-meta-oid
d39f98ec-9259-4f8b-896d-7ab58be1f900
age
0
x-guploader-uploadid
ABPtcPofnAol01FzsJdou9uZX2ZBaqPWFllbV-gmRIIjs1F1Gjff-vEB14oKoccfgrtI0tf9aExxOjK3qA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
249204
last-modified
Sat, 30 Dec 2023 17:22:30 GMT
server
cloudflare
etag
"296708bef7b80ec09fbe9926f3220555"
vary
Accept-Encoding
x-goog-generation
1703956950898487
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=Z2hQwg==, md5=KWcIvve4DsCfvpkm8yIFVQ==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
249204
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83fa68bc0e9c907c-FRA
expires
Wed, 03 Jan 2024 10:02:57 GMT
identify
api.permutive.com/v2.0/ 		50 B
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
7f49ec0f2299c81c9104d1998f2f647822ec558764050246eded3b8a6a0f5708

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://gq.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
container.html
28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2628 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 10:02:55 GMT
expires
Thu, 02 Jan 2025 10:02:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ Frame 8858 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@300&family=PT+Serif&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buy.tinypass.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 22:01:04 GMT
x-content-type-options
nosniff
age
302513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33116
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:52:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Dec 2024 22:01:04 GMT
truncated
/ Frame 8858 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=376958401&t=event&ni=1&_s=2&dl=https%3A%2F%2Fgq.globo.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=GQ%20%7C%20Seu%20Guia%20de%20Moda%20Masculina%2C%20Cultura%20e%20Lifestyle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Mobiliario%20Botao&el=eg_gq_botao_topo_pulseira&_u=aCDAgEABAAQCAGAEK~&jid=&gjid=&cid=320781341.1704276175&tid=UA-21942769-1&_gid=1190835761.1704276177&gtm=45He3bt0n81WP5C9ZVv893114496&cd2=home%20-%20&cd6=&cd7=&cd8=&cd9=&cd10=&cd11=&cd12=GQBS&cd13=&cd14=&cd15=&cd16=&cd17=&cd18=&cd22=%2F&cd49=&cd53=01&cd55=01&cd56=%20%3A%201&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd5=320781341.1704276175&z=1724214810
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 18:41:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
55272
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2628 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
431113
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Dec 2024 10:17:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2628 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62516
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Jan 2024 10:02:57 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=376958401&t=event&ni=1&_s=3&dl=https%3A%2F%2Fgq.globo.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=GQ%20%7C%20Seu%20Guia%20de%20Moda%20Masculina%2C%20Cultura%20e%20Lifestyle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Mobili%C3%A1rio%20N%C3%A3o%20Barreira&el=eg_gq_naobarreira_pulseira&_u=aCDAgEABAAQCAGAEK~&jid=&gjid=&cid=320781341.1704276175&tid=UA-21942769-1&_gid=1190835761.1704276177&gtm=45He3bt0n81WP5C9ZVv893114496&cd2=home%20-%20&cd6=&cd7=&cd8=&cd9=&cd10=&cd11=&cd12=GQBS&cd13=&cd14=&cd15=&cd16=&cd17=&cd18=&cd22=%2F&cd49=&cd53=01&cd55=01&cd56=%20%3A%201&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd5=320781341.1704276175&z=632779881
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 18:41:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
55272
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 1028 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
audiences
api.permutive.com/audience-matching/v1/id/325d72dc-c28c-4b28-b8d6-e252c24b94f9/ 		12 B
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/325d72dc-c28c-4b28-b8d6-e252c24b94f9/audiences?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 03 Jan 2024 10:02:57 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
truncated
/ Frame 2628 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf1d0703849876e90ce5895df5b2226be27b18d74ecebdd4841fb784fd82d3c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 2628 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CkUd30DCVZejaO7OT1PIPg7i16A2smau7XIXo5Oe_C8CNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi04ODI4NTg3MTQ5NDczNDM3yAEJ4AIAqAMByAMCqgTuAU_Q-yu4HFuAkKuAb5wpPzpc7BggVsPGjFXEv-NKksFHqqvzYFRC-mcqknpqZdL5NtQ5mMH9TE8lBZFdpEJy_DEVfccXA5jP8ZULj3dAR39WJiMQa6zlsUNApAqSILqLOpve9NmhX_gBXerfP0OgRbPcFX0SW0trnkETBlUC0zIA2VZXdAANsNk0Y5xxTHg39gUFkblIr95pNq6olZZtF0LEiE5TRpp94_rpfkG-ppX6Xth9gN3N_d7GWygbeB58LOGps-Hcc6YHpOX-DaT5bNFw_v6m4FK_s8oynNoIBIrdF3sVQCpMVGv2PV0W3mTgBAGgBpcBqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WL6n_8D7wIMDgAoD-gsCCACADAHiDRMIodj_wPvAgwMVswlVCB0DXA3d0BUBgBcBshccChoSFHB1Yi04ODI4NTg3MTQ5NDczNDM3GOHzIA&sigh=R2vCq-03tN0&uach_m=%5BUACH%5D&cbvp=2&vis=1
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
json
trc.taboola.com/editoraglobo-gq/trc/3/ 		41 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/editoraglobo-gq/trc/3/json?tim=11%3A02%3A57.387&lti=deflated&data=%7B%22id%22%3A287%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1704192248988%2C%22vi%22%3A1704276177385%2C%22cv%22%3A%2220240102-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fgq.globo.com%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fgq.globo.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A7034%2C%22nsid%22%3A%22editoraglobonetwork%22%2C%22rtui%22%3A%22a3zLRkX5VFrvFGFutG2ra9loahcEGrwd%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-b%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A3821.15625%2C%22mw%22%3A750%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Thumbnails%3Dthumbnails-b%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240102-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b700933725d868156ed61a12e2b4a504e6c9f5c2b234a7330a6a41407c7f35ba

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
223
date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.9470833333333334
x-fastly-to-nlb-rtt
7432
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230136-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1704276177.397887,VS0,VE223
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://gq.globo.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
adfetch
googleads.g.doubleclick.net/pagead/ Frame 1806 		170 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBxYM0AZKPNAELlDQBEZQ0AYGVNAF0ljQBdpY0Aa2WNAHrljQBzpc0AfyXNAH_lzQBA5g0AQmYNAEkmDQBlJg0AaWYNAG0mDQBuJg0AeOYNAHnmDQB9Jg0AfaYNAEOmTQBFpk0ARyZNAErmTQBSZk0AUqZNAFMmTQBTpk0AVGZNAFTmTQBYZk0AWiZNAF6mTQBg5k0AYaZNAFLc0EBU3NBAakgXAJX-4gCwP6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgIm-6oCQvuqAjwjqwKEJ6sCVCirAvorqwJUMKsC1DarAiU6qwIpOqsCLTqrApg7qwI9QasCG0arAjRIqwJsSqsCwk2rAmBOqwK4TqsC9FCrAgJRqwIKUasCk1WrAuxXqwIgXKsCGnGrAu9xqwKwcqsCfnOrAst0qwIXd6sCHHerAiF3qwIld6sCKnerArN4qwIIeasCUoCrAoaAqwKRgasCm4GrAsqCqwKGg6sCYoSrAiqGqwJzh6sC7YmrAp6KqwIDi6sCtYurAhSMqwK3jKsCl4-rAgOQqwIDkasCHJarAuaYqwLnm6sCqqOrAnykqwJQpasCcaWrAt6oqwKDq6sC26urAkOsqwJlrKsCgKyrAvasqwJCrqsCe66rAt-uqwI7r6sCFLGrAmKyqwIgs6sCeLOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwL4tasCA7arAje2qwLrtqsCZLerAoy3qwK0t6sCMbirAiG5qwL5uasCfbqrArG6qwIau6sC1burAjS8qwJJvKsCT7yrAhe9qwJ6vasCle0FAz9e9wSieK4FDnquBZV7rgWte64FB3yuBe18rgUTfa4FnLTFBTUDUwjwQtwJwtihDtO5-xIhxfsSWcr7EpjN-xJ75PsS4BL8Ej4V_BJrFfwSeRj8Et0a_BLsHfwS9R78Evoe_BJbn-oUYKLqFNTwWSg&awbid_c=AKAmf-A2I87P48SzhbkEICe3tDR2D1Rt84RALJtwl8WTXm1LJ7VeH2KX9QLX43fAIydQQCUpK34UnAWsnO5fMWTviZdCruFsd1zejxGeDHJmYqSwUQj0mmPbTBIxJb_YQfXapnGHdbbPEG-FrISYQoWT_Ny0pYQ7TOW4C9rKfuApoy2NOwLDB_qMOBczU2n8asKEhHI_Ws35iFmPgM0Gdim11KLesR9BTWmhzT2BIkSbwHZQGufD_s8SrxPi_gfkv95myiYu7bT1x32hlxb70Cu2x09MMaoJ_IVKIX8HaMC1tnF1ZIs7iUBA-qcPKg4bwLCfVM9l_Yp_2EUVVn44AHKAxW9cZV8E0J28V1ML2mDPJp-PtNG8eLoiEaqUgB_em4YTFrogDTBa5398VLXY3Vzs0TyO4_BKvLV6X2qhXzPV-NfME01hiChgNMt6U7bdnYt00cjuGqfinVwztal-kAxnH3VmTOkeHG3FFzXwp9Se20CxOiWV6oWlCHOblcxCwC71c4v5_5xnWbOtT9VRJYvCrtcozO-DlX-CYUclD00mUo9HdTUP1Pfd5OKsP-qG8EAaIp7pNePXW6EUSpJTrLxdQznN5QTeNA&awbid_d=AKAmf-DrUFKQGeKnNK09GkS57wfEUL9GU8O4XpnqzHiZVCHKFQ0DVVX15QKdoYgmnquGoQRswIGDkdWQJlvXnUFoVmhhzndIbyiIs_LbiNcJNIjzewZ-wEB2c0g3UBylmpanNh8QMNr0LwVeOR1iH9iIBQIGms5qfLXpXWUy5fUod8qz1029JZdMlcM6C0UUJ1uCnnBGXlheRqgwHDvwhkuy50MqbVs_jrkETkDEsCQMfHeABmP-1ZmW05P3h8PXNpJnlFigRiUnrqT6Yp9_2eJ1M76IyGO3uEKfFhpZ4_u5xoAtemEL_p9fq3dM3BZiH_zmueae8MXAHC6ybHv7QYueRgI9dvukhMUxSzcK24ZG7YMiQKLnDIkEWE2YJODZh_7HAwgfBXV1Q-nUsAm8kw6-XgCjQ1vQ-shXyPCc2UrlpVn-Az0c-BpULwvlQm_1GL0Vn4DE4uGZZYxh0JJmf23QOOxKhuQQn1odoreNC5W_kwnH--gxOOZX-mFERiF_Glkjno4V1xlpAJbJJeP7kWUATb7HS3p0Nm-bqDTKZQwiAKyHd3kyziWUpPDeHwBUb3atDIrHiMQJplmW6wgbdyDx0u06lp0fNGBTiV9-Jmg1jj5D2xYL9Uli_k0hQCP8DBCsRgVlUx-bfEXLHVW_lUnXqM5CUASMP3XtPK3hqOjNDM7yO9jdaMYKPtE5nWDhnvhej1ipKwb-WnggRRAV56JUHDPHKymzmWFe6mQGP1VB9dK3iqSorlQLukFHTBESSMZ3io1VqQnK7UEYqCo6fso9XGwCg0toffkqPkhgcHNZp6dnXhPXVYQcd4pRpg9aGhbbC7rtv7JoRL6m42cD3SqbxHd4Goh8Fj5fy3oxdkkhcQzJ2tVYns725SxvhW28YeGrXVhq17Ob2DWpyv9_G1yIsuBgpZbOU3xwQslomUBFuabSZJnT3d1KGplyl36Gfdz_1fEOpKQCsulYK6ytZ6ier2uryvJ9bmGQu0cYNZoFMFb-gszj0k2BfnWXNgRn7A679lek8MfTV7r3GNDH7o3fpcbxZMjuJjoan2mkQF0q9XKtiUpQJoMXFZgKlN6M3zfkCNPxkgc0UsUgOSk1HQraGyLyVo5bkztemPz-7bTZ1CtbEeMF8k2anm5XmNflf2EsmQU5YfEioSHJPwcg-oO1d2dUELya_g&cid=CAQSMgAvHhf_vXBHZueDjt__do0IiVI_FG6rsVHrwHJAOvLshrVo_GnL32sfcZ60MIFVvcz2GAE&exk=1450222521&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:9F7EB03574572A35
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ed8a65164df74af30d20dc7b8971f90624f8549901fd1fe837485267b94a5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
48315
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 10:02:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
xbfe_backfill.js
googleads.g.doubleclick.net/pagead/ Frame A88F 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0481712fe5bae84f1b02cc375afad77dc9e141437602c3a0717739654e9a003
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 09:49:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
788
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3350
x-xss-protection
0
server
cafe
etag
10582483094955927000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 03 Jan 2024 10:49:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A88F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-DHhfMoIoBhZWAG1u2MFDHn1JrkeMuK69hpiY60Gjj9ClEeOFSsG6Uvnl_nyZAcSybt7cgVpf79miRvKcMxdaomFKkPNw&pr=8:9F7EB03574572A35
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a0772216-2c15-4df6-939f-3c74a8da4e74
beacon-ams3.rubiconproject.com/beacon/d/ Frame A88F 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/a0772216-2c15-4df6-939f-3c74a8da4e74?oo=0&accountId=15688&siteId=280390&zoneId=1398904&sizeId=57&e=6A1E40E384DA563B7B334915AF2048226F7752E7E36851CE42C5A6309DB4ED40270BA8A1EE248576A94F37EE0662D85EB8B520C669668569C134A8F0951EC0CBBA3675AFDA0F7D89696AD91C6D8CAD316D954094261C256A0A7BD95B2BCFF6D8EE5AEDBB49E40C4EEE3B4731926B5249E10646B15623A43167D8436A6B00A1BF7E625848872D964AE88D14A8E282D0F9F59EB71450C92279E0B8781946711554AA679286AF4B73C422FFAD7EC4FA98C502F8B51BEE1BDBBFA0BF4A88939E830A
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:56 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
container.html
28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7766 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 10:02:55 GMT
expires
Thu, 02 Jan 2025 10:02:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7766 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 10:17:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
431113
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Dec 2024 10:17:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7766 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62516
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Jan 2024 10:02:57 GMT
usync.html
eus.rubiconproject.com/ Frame 33CE 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.82.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-82-37.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 03 Jan 2024 10:02:57 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
adfetch
googleads.g.doubleclick.net/pagead/ Frame 7C00 		170 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBko80AQuUNAERlDQBgZU0AXSWNAF2ljQBrZY0AeuWNAHOlzQB_Jc0Af-XNAEDmDQBCZg0ASSYNAGUmDQBpZg0AbSYNAG4mDQB45g0AeeYNAH0mDQB9pg0AQ6ZNAEWmTQBHJk0ASuZNAFJmTQBSpk0AUyZNAFOmTQBUZk0AVOZNAFhmTQBaJk0AXqZNAGDmTQBhpk0AUtzQQFTc0EBWjzaAakgXALf_ogC4_6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgJC-6oCPCOrAoQnqwJUKKsC-iurAlQwqwLUNqsCJTqrAik6qwItOqsCmDurAj1BqwIbRqsCNEirAmxKqwJgTqsCuE6rAvRQqwICUasCClGrApNVqwLsV6sCIFyrAhpxqwLvcasCsHKrAn5zqwLLdKsCF3erAhx3qwIhd6sCJXerAip3qwIIeasCUoCrAoaAqwKbgasCyoKrAoaDqwJihKsCKoarAnKHqwLtiasCnoqrAgOLqwK1i6sCFIyrAreMqwKYj6sCA5CrAgORqwIclqsC5pirAqmaqwLom6sCYZ-rAqqjqwJ8pKsCUKWrAnGlqwLeqKsCg6urAturqwJDrKsCZayrAvasqwJCrqsCe66rAjuvqwIUsasCYrKrAiCzqwJ4s6sCsbOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwIDtqsCN7arAuu2qwJkt6sCorerArS3qwIxuKsCIbmrAvm5qwJ9uqsCsbqrAhq7qwLVu6sCNLyrAkm8qwJPvKsCF72rAnq9qwI0vqsCle0FAzNe9wRAXvcEoniuBaR5rgUOeq4FmXuuBa17rgUHfK4FnLTFBTUDUwjC2KEO07n7EiHF-xJZyvsSmM37Envk-xLgEvwSPhX8EmsV_BJ5GPwS3Rr8Euwd_BL6HvwSGx_8Eluf6hRgouoU1PBZKA&awbid_c=AKAmf-DkeRddG6bRZ1p0Y9pKdF5n8PMlUB5OOR4rTcbrXzbGciUsIuhlbRTSs19vzDYlyyKauhjd3_W3S5_0jR4nJvh0FC7kRSKjLsXhAYuucq8J8BfXaYc0PjqN4LfDQ3JFSJiq_Dkjk3MFDQ9cuvaHV39fASUdQQTo-grxFU2pKZD4FxKUn7JLS2jclBMj9kYDOe-D0d-0jsAdmnmQbRulPvuD_IbvDzTK_g_Qcmjq_2Ck5Lor4FEzpSo9b_YlH1TN-moR2tr6cfOz-Pf564WR5zC0FVtOnbgq1WTPqyU0bkNSCD1HKOFRY4VdJXkn8bvx7fUM4r-AJsuMM6SNn8_RyMnIrbtWxVCpfgbYJgNnUnRNa1UD9y74BdbMbOjsw9qDBh3wjATIBIOTA7K7nWpqmkmMDov1fdISYxhYTjb5ZOOnf6r3q6w4jdPYsATEh9wr5LkKVBEQTqc0GSDyG-UM6GoxQ2NgebHFz63kdqWc76dvhryBQOrI6wt_uSixDgYzZ7ITwcp5yV4kpdOmFnlFWaxmB1OSSlwWfsO6UE7nvHMsmUV8RCpx-cKAuab-s1dvMTTa08Gj6wnvZzghGbn2BWyALESVRw&awbid_d=AKAmf-CJBPhC7KCgLAM7PS8vgntU2a3f-iC8IvxZaFfJ-3G8eZ_y1sFAeKByJinwH1aSITsVnUxpXLdfU5e_9F92APA_Ztpo2JGQO3oTso5c6ftDffE9XiJFv4c8G7h9w-wrXWJLxzdklyZogZmhQuAmbBZNXw_oLiYZZFqMHoI6LXQY0t4t6MvFqerRmiFyhQkGLyM1PykCZvKcrUOFhZUk19GK0_qnrrXCOLb_zw1tbAq5WED9Vix-aZRXfblSsSjzEo2kMkhGBOJhJFrqVTpo7vQgpfEumpQDKgl7gjPdZe8jwmeg2iuLmA3dRYfVK2-jgqCJ-lioBCzhCRrDWY3_feU65bWZn61L3bnkqXKVq1EMIQwa5IsnWAEr5iR3dsHRG_JpNL0tMoauWKf4nl7fZVb8ShVaDHwaA1CoNbfbuiauY5lyf-C3epJ56_rfsbt3WbQg9bN_K_5FvISoBWMMUdyAL4ATTbRJ8Zewdn1RaOKIjxedWTaNV4PDLR2N9XuzQXU428TFor2Inra5C3kiIs8FtkN4jFQe8ryE-F9viWiAoO7Z6gWFAaFTCVvgwKw8zMUOquVGYLMkq7WVemxNJePiAv_XIHF6L6-YBIcotafTslzLM0e-A4jBVAA4M5EajXs0Mkfo1T2bwSZSX6QC5XHNhpB-rTjI35dCaT13rQjhyWxjltPXXsKqaoSyV_ecOSYn-ZODIsG7JnZcxhVbec5em39CoKwWGiVOJcpHiY7eRWUdCsxJ0bL4OuCaOCZTXBNs7WzWvYjfP6hHZO7MR8ogu036mkt0pc2LrWFHX3nP_R0m12TfPmA7iwp7qOPJtzUvH-6Q6q_wbNrme-LVxM7so06r7H0y4aTlvXQAd4l4Rz_Nn7njsGDu43KCsA0RQLkzgOHsmBxMRX2iloHzJkZ3gekmUmg3RAVyJ0ngb6IfRzCv1VBL_ozh2QV7AYcAAow3GTdUYG5QbVUvbeSsxqUkZyedmsm5GWYhP32e4UXs7u9J7FksE9UhZBpyIEhUH1eFA9ifSdphyLuEeyMHs26qc10TWR-z-x3GZlb31jWJNO0FFhlgQssYm9b6_yAklS1LkPzsf2QCcAyMq83fWgn_tMpAFC6D-hs51LVrPj2LIIXVO_QZTTK0ITDeHa2lSpvT1tpVwT7xo4ES7BjBiplYvrqk4w&cid=CAQSMgAvHhf_nE9bhQsAlALxtBwtTHKDzYu3FM5mkW31zcVMTi1r7qUrSVQs0AAwcxXMREeCGAE&exk=845569349&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:B1629E3FBCFC0899
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
758166e9b42e75b764bca7945de29c8295767c45cb446580474dd09554d9350a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
48237
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 10:02:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
xbfe_backfill.js
googleads.g.doubleclick.net/pagead/ Frame 624D 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0481712fe5bae84f1b02cc375afad77dc9e141437602c3a0717739654e9a003
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 09:49:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
788
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3350
x-xss-protection
0
server
cafe
etag
10582483094955927000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 03 Jan 2024 10:49:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 624D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-C3227s9pAh2GYVZM92fpYPeqPjwh8nQaA2eThiYv5t1rW80MvioARCkWj76A-71-G4JY4hBOugqBOa8tcqCsrkL9lHWA&pr=8:B1629E3FBCFC0899
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4f4dc0e8-5c55-472e-b6d5-986f07d314bc
beacon-ams3.rubiconproject.com/beacon/d/ Frame 624D 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/4f4dc0e8-5c55-472e-b6d5-986f07d314bc?oo=0&accountId=15688&siteId=280390&zoneId=1398904&sizeId=57&e=6A1E40E384DA563B601556A9E2DA296672680AB0C7D33AF48C5BCD98D3E737214020BABB377033E831F7F1B8E165771F9F0BE1F8337FD75D119A26A89DC1497D9CC79E48EB2996AA0C7D7676383250080F73700A82058AC8063C03CB0E6C743DA0A439006D7B4E8F53DE5EE16FC4F811B06E1373843F69686ACDEF34301617A741FF9A3FAF75111314E1CF13EF6C13C136245FB366823FFCF907BF9C11A44BDA8818E2E350DC5F238C63F152114DEA36EC48480D471065C5EEFFC3E41A78A8BC
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:56 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 33CE 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.82.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-82-37.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa614642f7e3e6eab1f82e2fd370e94d6ab3816f94654f5a5b5917788b7930f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Wed, 03 Jan 2024 10:02:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Jan 2024 07:28:05 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=77079
Connection
keep-alive
Content-Length
13174
Expires
Thu, 04 Jan 2024 07:27:36 GMT
usync.html
eus.rubiconproject.com/ Frame 8FAD 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.82.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-82-37.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 03 Jan 2024 10:02:57 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
truncated
/ Frame 7766 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e85a36b8cf8a19b9b9f77a0f2d7e92ae1701afe62731dff99bf020808eb5a562

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 1806 		4 KB
632 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBxYM0AZKPNAELlDQBEZQ0AYGVNAF0ljQBdpY0Aa2WNAHrljQBzpc0AfyXNAH_lzQBA5g0AQmYNAEkmDQBlJg0AaWYNAG0mDQBuJg0AeOYNAHnmDQB9Jg0AfaYNAEOmTQBFpk0ARyZNAErmTQBSZk0AUqZNAFMmTQBTpk0AVGZNAFTmTQBYZk0AWiZNAF6mTQBg5k0AYaZNAFLc0EBU3NBAakgXAJX-4gCwP6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgIm-6oCQvuqAjwjqwKEJ6sCVCirAvorqwJUMKsC1DarAiU6qwIpOqsCLTqrApg7qwI9QasCG0arAjRIqwJsSqsCwk2rAmBOqwK4TqsC9FCrAgJRqwIKUasCk1WrAuxXqwIgXKsCGnGrAu9xqwKwcqsCfnOrAst0qwIXd6sCHHerAiF3qwIld6sCKnerArN4qwIIeasCUoCrAoaAqwKRgasCm4GrAsqCqwKGg6sCYoSrAiqGqwJzh6sC7YmrAp6KqwIDi6sCtYurAhSMqwK3jKsCl4-rAgOQqwIDkasCHJarAuaYqwLnm6sCqqOrAnykqwJQpasCcaWrAt6oqwKDq6sC26urAkOsqwJlrKsCgKyrAvasqwJCrqsCe66rAt-uqwI7r6sCFLGrAmKyqwIgs6sCeLOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwL4tasCA7arAje2qwLrtqsCZLerAoy3qwK0t6sCMbirAiG5qwL5uasCfbqrArG6qwIau6sC1burAjS8qwJJvKsCT7yrAhe9qwJ6vasCle0FAz9e9wSieK4FDnquBZV7rgWte64FB3yuBe18rgUTfa4FnLTFBTUDUwjwQtwJwtihDtO5-xIhxfsSWcr7EpjN-xJ75PsS4BL8Ej4V_BJrFfwSeRj8Et0a_BLsHfwS9R78Evoe_BJbn-oUYKLqFNTwWSg&awbid_c=AKAmf-A2I87P48SzhbkEICe3tDR2D1Rt84RALJtwl8WTXm1LJ7VeH2KX9QLX43fAIydQQCUpK34UnAWsnO5fMWTviZdCruFsd1zejxGeDHJmYqSwUQj0mmPbTBIxJb_YQfXapnGHdbbPEG-FrISYQoWT_Ny0pYQ7TOW4C9rKfuApoy2NOwLDB_qMOBczU2n8asKEhHI_Ws35iFmPgM0Gdim11KLesR9BTWmhzT2BIkSbwHZQGufD_s8SrxPi_gfkv95myiYu7bT1x32hlxb70Cu2x09MMaoJ_IVKIX8HaMC1tnF1ZIs7iUBA-qcPKg4bwLCfVM9l_Yp_2EUVVn44AHKAxW9cZV8E0J28V1ML2mDPJp-PtNG8eLoiEaqUgB_em4YTFrogDTBa5398VLXY3Vzs0TyO4_BKvLV6X2qhXzPV-NfME01hiChgNMt6U7bdnYt00cjuGqfinVwztal-kAxnH3VmTOkeHG3FFzXwp9Se20CxOiWV6oWlCHOblcxCwC71c4v5_5xnWbOtT9VRJYvCrtcozO-DlX-CYUclD00mUo9HdTUP1Pfd5OKsP-qG8EAaIp7pNePXW6EUSpJTrLxdQznN5QTeNA&awbid_d=AKAmf-DrUFKQGeKnNK09GkS57wfEUL9GU8O4XpnqzHiZVCHKFQ0DVVX15QKdoYgmnquGoQRswIGDkdWQJlvXnUFoVmhhzndIbyiIs_LbiNcJNIjzewZ-wEB2c0g3UBylmpanNh8QMNr0LwVeOR1iH9iIBQIGms5qfLXpXWUy5fUod8qz1029JZdMlcM6C0UUJ1uCnnBGXlheRqgwHDvwhkuy50MqbVs_jrkETkDEsCQMfHeABmP-1ZmW05P3h8PXNpJnlFigRiUnrqT6Yp9_2eJ1M76IyGO3uEKfFhpZ4_u5xoAtemEL_p9fq3dM3BZiH_zmueae8MXAHC6ybHv7QYueRgI9dvukhMUxSzcK24ZG7YMiQKLnDIkEWE2YJODZh_7HAwgfBXV1Q-nUsAm8kw6-XgCjQ1vQ-shXyPCc2UrlpVn-Az0c-BpULwvlQm_1GL0Vn4DE4uGZZYxh0JJmf23QOOxKhuQQn1odoreNC5W_kwnH--gxOOZX-mFERiF_Glkjno4V1xlpAJbJJeP7kWUATb7HS3p0Nm-bqDTKZQwiAKyHd3kyziWUpPDeHwBUb3atDIrHiMQJplmW6wgbdyDx0u06lp0fNGBTiV9-Jmg1jj5D2xYL9Uli_k0hQCP8DBCsRgVlUx-bfEXLHVW_lUnXqM5CUASMP3XtPK3hqOjNDM7yO9jdaMYKPtE5nWDhnvhej1ipKwb-WnggRRAV56JUHDPHKymzmWFe6mQGP1VB9dK3iqSorlQLukFHTBESSMZ3io1VqQnK7UEYqCo6fso9XGwCg0toffkqPkhgcHNZp6dnXhPXVYQcd4pRpg9aGhbbC7rtv7JoRL6m42cD3SqbxHd4Goh8Fj5fy3oxdkkhcQzJ2tVYns725SxvhW28YeGrXVhq17Ob2DWpyv9_G1yIsuBgpZbOU3xwQslomUBFuabSZJnT3d1KGplyl36Gfdz_1fEOpKQCsulYK6ytZ6ier2uryvJ9bmGQu0cYNZoFMFb-gszj0k2BfnWXNgRn7A679lek8MfTV7r3GNDH7o3fpcbxZMjuJjoan2mkQF0q9XKtiUpQJoMXFZgKlN6M3zfkCNPxkgc0UsUgOSk1HQraGyLyVo5bkztemPz-7bTZ1CtbEeMF8k2anm5XmNflf2EsmQU5YfEioSHJPwcg-oO1d2dUELya_g&cid=CAQSMgAvHhf_vXBHZueDjt__do0IiVI_FG6rsVHrwHJAOvLshrVo_GnL32sfcZ60MIFVvcz2GAE&exk=1450222521&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:9F7EB03574572A35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 09:17:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Jan 2024 10:02:57 GMT
khaos.json
token.rubiconproject.com/ Frame 33CE 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
Expires
0
load_preloaded_resource.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 1806 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBxYM0AZKPNAELlDQBEZQ0AYGVNAF0ljQBdpY0Aa2WNAHrljQBzpc0AfyXNAH_lzQBA5g0AQmYNAEkmDQBlJg0AaWYNAG0mDQBuJg0AeOYNAHnmDQB9Jg0AfaYNAEOmTQBFpk0ARyZNAErmTQBSZk0AUqZNAFMmTQBTpk0AVGZNAFTmTQBYZk0AWiZNAF6mTQBg5k0AYaZNAFLc0EBU3NBAakgXAJX-4gCwP6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgIm-6oCQvuqAjwjqwKEJ6sCVCirAvorqwJUMKsC1DarAiU6qwIpOqsCLTqrApg7qwI9QasCG0arAjRIqwJsSqsCwk2rAmBOqwK4TqsC9FCrAgJRqwIKUasCk1WrAuxXqwIgXKsCGnGrAu9xqwKwcqsCfnOrAst0qwIXd6sCHHerAiF3qwIld6sCKnerArN4qwIIeasCUoCrAoaAqwKRgasCm4GrAsqCqwKGg6sCYoSrAiqGqwJzh6sC7YmrAp6KqwIDi6sCtYurAhSMqwK3jKsCl4-rAgOQqwIDkasCHJarAuaYqwLnm6sCqqOrAnykqwJQpasCcaWrAt6oqwKDq6sC26urAkOsqwJlrKsCgKyrAvasqwJCrqsCe66rAt-uqwI7r6sCFLGrAmKyqwIgs6sCeLOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwL4tasCA7arAje2qwLrtqsCZLerAoy3qwK0t6sCMbirAiG5qwL5uasCfbqrArG6qwIau6sC1burAjS8qwJJvKsCT7yrAhe9qwJ6vasCle0FAz9e9wSieK4FDnquBZV7rgWte64FB3yuBe18rgUTfa4FnLTFBTUDUwjwQtwJwtihDtO5-xIhxfsSWcr7EpjN-xJ75PsS4BL8Ej4V_BJrFfwSeRj8Et0a_BLsHfwS9R78Evoe_BJbn-oUYKLqFNTwWSg&awbid_c=AKAmf-A2I87P48SzhbkEICe3tDR2D1Rt84RALJtwl8WTXm1LJ7VeH2KX9QLX43fAIydQQCUpK34UnAWsnO5fMWTviZdCruFsd1zejxGeDHJmYqSwUQj0mmPbTBIxJb_YQfXapnGHdbbPEG-FrISYQoWT_Ny0pYQ7TOW4C9rKfuApoy2NOwLDB_qMOBczU2n8asKEhHI_Ws35iFmPgM0Gdim11KLesR9BTWmhzT2BIkSbwHZQGufD_s8SrxPi_gfkv95myiYu7bT1x32hlxb70Cu2x09MMaoJ_IVKIX8HaMC1tnF1ZIs7iUBA-qcPKg4bwLCfVM9l_Yp_2EUVVn44AHKAxW9cZV8E0J28V1ML2mDPJp-PtNG8eLoiEaqUgB_em4YTFrogDTBa5398VLXY3Vzs0TyO4_BKvLV6X2qhXzPV-NfME01hiChgNMt6U7bdnYt00cjuGqfinVwztal-kAxnH3VmTOkeHG3FFzXwp9Se20CxOiWV6oWlCHOblcxCwC71c4v5_5xnWbOtT9VRJYvCrtcozO-DlX-CYUclD00mUo9HdTUP1Pfd5OKsP-qG8EAaIp7pNePXW6EUSpJTrLxdQznN5QTeNA&awbid_d=AKAmf-DrUFKQGeKnNK09GkS57wfEUL9GU8O4XpnqzHiZVCHKFQ0DVVX15QKdoYgmnquGoQRswIGDkdWQJlvXnUFoVmhhzndIbyiIs_LbiNcJNIjzewZ-wEB2c0g3UBylmpanNh8QMNr0LwVeOR1iH9iIBQIGms5qfLXpXWUy5fUod8qz1029JZdMlcM6C0UUJ1uCnnBGXlheRqgwHDvwhkuy50MqbVs_jrkETkDEsCQMfHeABmP-1ZmW05P3h8PXNpJnlFigRiUnrqT6Yp9_2eJ1M76IyGO3uEKfFhpZ4_u5xoAtemEL_p9fq3dM3BZiH_zmueae8MXAHC6ybHv7QYueRgI9dvukhMUxSzcK24ZG7YMiQKLnDIkEWE2YJODZh_7HAwgfBXV1Q-nUsAm8kw6-XgCjQ1vQ-shXyPCc2UrlpVn-Az0c-BpULwvlQm_1GL0Vn4DE4uGZZYxh0JJmf23QOOxKhuQQn1odoreNC5W_kwnH--gxOOZX-mFERiF_Glkjno4V1xlpAJbJJeP7kWUATb7HS3p0Nm-bqDTKZQwiAKyHd3kyziWUpPDeHwBUb3atDIrHiMQJplmW6wgbdyDx0u06lp0fNGBTiV9-Jmg1jj5D2xYL9Uli_k0hQCP8DBCsRgVlUx-bfEXLHVW_lUnXqM5CUASMP3XtPK3hqOjNDM7yO9jdaMYKPtE5nWDhnvhej1ipKwb-WnggRRAV56JUHDPHKymzmWFe6mQGP1VB9dK3iqSorlQLukFHTBESSMZ3io1VqQnK7UEYqCo6fso9XGwCg0toffkqPkhgcHNZp6dnXhPXVYQcd4pRpg9aGhbbC7rtv7JoRL6m42cD3SqbxHd4Goh8Fj5fy3oxdkkhcQzJ2tVYns725SxvhW28YeGrXVhq17Ob2DWpyv9_G1yIsuBgpZbOU3xwQslomUBFuabSZJnT3d1KGplyl36Gfdz_1fEOpKQCsulYK6ytZ6ier2uryvJ9bmGQu0cYNZoFMFb-gszj0k2BfnWXNgRn7A679lek8MfTV7r3GNDH7o3fpcbxZMjuJjoan2mkQF0q9XKtiUpQJoMXFZgKlN6M3zfkCNPxkgc0UsUgOSk1HQraGyLyVo5bkztemPz-7bTZ1CtbEeMF8k2anm5XmNflf2EsmQU5YfEioSHJPwcg-oO1d2dUELya_g&cid=CAQSMgAvHhf_vXBHZueDjt__do0IiVI_FG6rsVHrwHJAOvLshrVo_GnL32sfcZ60MIFVvcz2GAE&exk=1450222521&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:9F7EB03574572A35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cdbe9b84c30a00229826b0b1e354c94d36dd6bf16e6580bbef43877689c8f5bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 09:01:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
3693
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1182
x-xss-protection
0
server
cafe
etag
16216481440669322801
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 09:01:24 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 1806
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CwAUS0DCVZaXMKMCVjuwPzouM-Azu15OQdfLk47uLEWQQASC6vvAWYJXikIKgB6ABocCY8SjIAQmoAwHIA8sEqgTXAU_Qoh7srXffOtLIvd7oThNIXEo7ZvkLPi1sepuE4pmYQB0yAHoSQEF...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212070359612618173395%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%222...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212070359612618173395%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2201-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222235028417732321969%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBxYM0AZKPNAELlDQBEZQ0AYGVNAF0ljQBdpY0Aa2WNAHrljQBzpc0AfyXNAH_lzQBA5g0AQmYNAEkmDQBlJg0AaWYNAG0mDQBuJg0AeOYNAHnmDQB9Jg0AfaYNAEOmTQBFpk0ARyZNAErmTQBSZk0AUqZNAFMmTQBTpk0AVGZNAFTmTQBYZk0AWiZNAF6mTQBg5k0AYaZNAFLc0EBU3NBAakgXAJX-4gCwP6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgIm-6oCQvuqAjwjqwKEJ6sCVCirAvorqwJUMKsC1DarAiU6qwIpOqsCLTqrApg7qwI9QasCG0arAjRIqwJsSqsCwk2rAmBOqwK4TqsC9FCrAgJRqwIKUasCk1WrAuxXqwIgXKsCGnGrAu9xqwKwcqsCfnOrAst0qwIXd6sCHHerAiF3qwIld6sCKnerArN4qwIIeasCUoCrAoaAqwKRgasCm4GrAsqCqwKGg6sCYoSrAiqGqwJzh6sC7YmrAp6KqwIDi6sCtYurAhSMqwK3jKsCl4-rAgOQqwIDkasCHJarAuaYqwLnm6sCqqOrAnykqwJQpasCcaWrAt6oqwKDq6sC26urAkOsqwJlrKsCgKyrAvasqwJCrqsCe66rAt-uqwI7r6sCFLGrAmKyqwIgs6sCeLOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwL4tasCA7arAje2qwLrtqsCZLerAoy3qwK0t6sCMbirAiG5qwL5uasCfbqrArG6qwIau6sC1burAjS8qwJJvKsCT7yrAhe9qwJ6vasCle0FAz9e9wSieK4FDnquBZV7rgWte64FB3yuBe18rgUTfa4FnLTFBTUDUwjwQtwJwtihDtO5-xIhxfsSWcr7EpjN-xJ75PsS4BL8Ej4V_BJrFfwSeRj8Et0a_BLsHfwS9R78Evoe_BJbn-oUYKLqFNTwWSg&awbid_c=AKAmf-A2I87P48SzhbkEICe3tDR2D1Rt84RALJtwl8WTXm1LJ7VeH2KX9QLX43fAIydQQCUpK34UnAWsnO5fMWTviZdCruFsd1zejxGeDHJmYqSwUQj0mmPbTBIxJb_YQfXapnGHdbbPEG-FrISYQoWT_Ny0pYQ7TOW4C9rKfuApoy2NOwLDB_qMOBczU2n8asKEhHI_Ws35iFmPgM0Gdim11KLesR9BTWmhzT2BIkSbwHZQGufD_s8SrxPi_gfkv95myiYu7bT1x32hlxb70Cu2x09MMaoJ_IVKIX8HaMC1tnF1ZIs7iUBA-qcPKg4bwLCfVM9l_Yp_2EUVVn44AHKAxW9cZV8E0J28V1ML2mDPJp-PtNG8eLoiEaqUgB_em4YTFrogDTBa5398VLXY3Vzs0TyO4_BKvLV6X2qhXzPV-NfME01hiChgNMt6U7bdnYt00cjuGqfinVwztal-kAxnH3VmTOkeHG3FFzXwp9Se20CxOiWV6oWlCHOblcxCwC71c4v5_5xnWbOtT9VRJYvCrtcozO-DlX-CYUclD00mUo9HdTUP1Pfd5OKsP-qG8EAaIp7pNePXW6EUSpJTrLxdQznN5QTeNA&awbid_d=AKAmf-DrUFKQGeKnNK09GkS57wfEUL9GU8O4XpnqzHiZVCHKFQ0DVVX15QKdoYgmnquGoQRswIGDkdWQJlvXnUFoVmhhzndIbyiIs_LbiNcJNIjzewZ-wEB2c0g3UBylmpanNh8QMNr0LwVeOR1iH9iIBQIGms5qfLXpXWUy5fUod8qz1029JZdMlcM6C0UUJ1uCnnBGXlheRqgwHDvwhkuy50MqbVs_jrkETkDEsCQMfHeABmP-1ZmW05P3h8PXNpJnlFigRiUnrqT6Yp9_2eJ1M76IyGO3uEKfFhpZ4_u5xoAtemEL_p9fq3dM3BZiH_zmueae8MXAHC6ybHv7QYueRgI9dvukhMUxSzcK24ZG7YMiQKLnDIkEWE2YJODZh_7HAwgfBXV1Q-nUsAm8kw6-XgCjQ1vQ-shXyPCc2UrlpVn-Az0c-BpULwvlQm_1GL0Vn4DE4uGZZYxh0JJmf23QOOxKhuQQn1odoreNC5W_kwnH--gxOOZX-mFERiF_Glkjno4V1xlpAJbJJeP7kWUATb7HS3p0Nm-bqDTKZQwiAKyHd3kyziWUpPDeHwBUb3atDIrHiMQJplmW6wgbdyDx0u06lp0fNGBTiV9-Jmg1jj5D2xYL9Uli_k0hQCP8DBCsRgVlUx-bfEXLHVW_lUnXqM5CUASMP3XtPK3hqOjNDM7yO9jdaMYKPtE5nWDhnvhej1ipKwb-WnggRRAV56JUHDPHKymzmWFe6mQGP1VB9dK3iqSorlQLukFHTBESSMZ3io1VqQnK7UEYqCo6fso9XGwCg0toffkqPkhgcHNZp6dnXhPXVYQcd4pRpg9aGhbbC7rtv7JoRL6m42cD3SqbxHd4Goh8Fj5fy3oxdkkhcQzJ2tVYns725SxvhW28YeGrXVhq17Ob2DWpyv9_G1yIsuBgpZbOU3xwQslomUBFuabSZJnT3d1KGplyl36Gfdz_1fEOpKQCsulYK6ytZ6ier2uryvJ9bmGQu0cYNZoFMFb-gszj0k2BfnWXNgRn7A679lek8MfTV7r3GNDH7o3fpcbxZMjuJjoan2mkQF0q9XKtiUpQJoMXFZgKlN6M3zfkCNPxkgc0UsUgOSk1HQraGyLyVo5bkztemPz-7bTZ1CtbEeMF8k2anm5XmNflf2EsmQU5YfEioSHJPwcg-oO1d2dUELya_g&cid=CAQSMgAvHhf_vXBHZueDjt__do0IiVI_FG6rsVHrwHJAOvLshrVo_GnL32sfcZ60MIFVvcz2GAE&exk=1450222521&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:9F7EB03574572A35
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"12070359612618173395","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["01-03"],"6":["true"]},"priority":"500","source_event_id":"2235028417732321969"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 03 Jan 2024 10:02:57 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 03 Jan 2024 10:02:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12070359612618173395","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["01-03"],"6":["true"]},"priority":"500","source_event_id":"2235028417732321969"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 1806 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBxYM0AZKPNAELlDQBEZQ0AYGVNAF0ljQBdpY0Aa2WNAHrljQBzpc0AfyXNAH_lzQBA5g0AQmYNAEkmDQBlJg0AaWYNAG0mDQBuJg0AeOYNAHnmDQB9Jg0AfaYNAEOmTQBFpk0ARyZNAErmTQBSZk0AUqZNAFMmTQBTpk0AVGZNAFTmTQBYZk0AWiZNAF6mTQBg5k0AYaZNAFLc0EBU3NBAakgXAJX-4gCwP6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgIm-6oCQvuqAjwjqwKEJ6sCVCirAvorqwJUMKsC1DarAiU6qwIpOqsCLTqrApg7qwI9QasCG0arAjRIqwJsSqsCwk2rAmBOqwK4TqsC9FCrAgJRqwIKUasCk1WrAuxXqwIgXKsCGnGrAu9xqwKwcqsCfnOrAst0qwIXd6sCHHerAiF3qwIld6sCKnerArN4qwIIeasCUoCrAoaAqwKRgasCm4GrAsqCqwKGg6sCYoSrAiqGqwJzh6sC7YmrAp6KqwIDi6sCtYurAhSMqwK3jKsCl4-rAgOQqwIDkasCHJarAuaYqwLnm6sCqqOrAnykqwJQpasCcaWrAt6oqwKDq6sC26urAkOsqwJlrKsCgKyrAvasqwJCrqsCe66rAt-uqwI7r6sCFLGrAmKyqwIgs6sCeLOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwL4tasCA7arAje2qwLrtqsCZLerAoy3qwK0t6sCMbirAiG5qwL5uasCfbqrArG6qwIau6sC1burAjS8qwJJvKsCT7yrAhe9qwJ6vasCle0FAz9e9wSieK4FDnquBZV7rgWte64FB3yuBe18rgUTfa4FnLTFBTUDUwjwQtwJwtihDtO5-xIhxfsSWcr7EpjN-xJ75PsS4BL8Ej4V_BJrFfwSeRj8Et0a_BLsHfwS9R78Evoe_BJbn-oUYKLqFNTwWSg&awbid_c=AKAmf-A2I87P48SzhbkEICe3tDR2D1Rt84RALJtwl8WTXm1LJ7VeH2KX9QLX43fAIydQQCUpK34UnAWsnO5fMWTviZdCruFsd1zejxGeDHJmYqSwUQj0mmPbTBIxJb_YQfXapnGHdbbPEG-FrISYQoWT_Ny0pYQ7TOW4C9rKfuApoy2NOwLDB_qMOBczU2n8asKEhHI_Ws35iFmPgM0Gdim11KLesR9BTWmhzT2BIkSbwHZQGufD_s8SrxPi_gfkv95myiYu7bT1x32hlxb70Cu2x09MMaoJ_IVKIX8HaMC1tnF1ZIs7iUBA-qcPKg4bwLCfVM9l_Yp_2EUVVn44AHKAxW9cZV8E0J28V1ML2mDPJp-PtNG8eLoiEaqUgB_em4YTFrogDTBa5398VLXY3Vzs0TyO4_BKvLV6X2qhXzPV-NfME01hiChgNMt6U7bdnYt00cjuGqfinVwztal-kAxnH3VmTOkeHG3FFzXwp9Se20CxOiWV6oWlCHOblcxCwC71c4v5_5xnWbOtT9VRJYvCrtcozO-DlX-CYUclD00mUo9HdTUP1Pfd5OKsP-qG8EAaIp7pNePXW6EUSpJTrLxdQznN5QTeNA&awbid_d=AKAmf-DrUFKQGeKnNK09GkS57wfEUL9GU8O4XpnqzHiZVCHKFQ0DVVX15QKdoYgmnquGoQRswIGDkdWQJlvXnUFoVmhhzndIbyiIs_LbiNcJNIjzewZ-wEB2c0g3UBylmpanNh8QMNr0LwVeOR1iH9iIBQIGms5qfLXpXWUy5fUod8qz1029JZdMlcM6C0UUJ1uCnnBGXlheRqgwHDvwhkuy50MqbVs_jrkETkDEsCQMfHeABmP-1ZmW05P3h8PXNpJnlFigRiUnrqT6Yp9_2eJ1M76IyGO3uEKfFhpZ4_u5xoAtemEL_p9fq3dM3BZiH_zmueae8MXAHC6ybHv7QYueRgI9dvukhMUxSzcK24ZG7YMiQKLnDIkEWE2YJODZh_7HAwgfBXV1Q-nUsAm8kw6-XgCjQ1vQ-shXyPCc2UrlpVn-Az0c-BpULwvlQm_1GL0Vn4DE4uGZZYxh0JJmf23QOOxKhuQQn1odoreNC5W_kwnH--gxOOZX-mFERiF_Glkjno4V1xlpAJbJJeP7kWUATb7HS3p0Nm-bqDTKZQwiAKyHd3kyziWUpPDeHwBUb3atDIrHiMQJplmW6wgbdyDx0u06lp0fNGBTiV9-Jmg1jj5D2xYL9Uli_k0hQCP8DBCsRgVlUx-bfEXLHVW_lUnXqM5CUASMP3XtPK3hqOjNDM7yO9jdaMYKPtE5nWDhnvhej1ipKwb-WnggRRAV56JUHDPHKymzmWFe6mQGP1VB9dK3iqSorlQLukFHTBESSMZ3io1VqQnK7UEYqCo6fso9XGwCg0toffkqPkhgcHNZp6dnXhPXVYQcd4pRpg9aGhbbC7rtv7JoRL6m42cD3SqbxHd4Goh8Fj5fy3oxdkkhcQzJ2tVYns725SxvhW28YeGrXVhq17Ob2DWpyv9_G1yIsuBgpZbOU3xwQslomUBFuabSZJnT3d1KGplyl36Gfdz_1fEOpKQCsulYK6ytZ6ier2uryvJ9bmGQu0cYNZoFMFb-gszj0k2BfnWXNgRn7A679lek8MfTV7r3GNDH7o3fpcbxZMjuJjoan2mkQF0q9XKtiUpQJoMXFZgKlN6M3zfkCNPxkgc0UsUgOSk1HQraGyLyVo5bkztemPz-7bTZ1CtbEeMF8k2anm5XmNflf2EsmQU5YfEioSHJPwcg-oO1d2dUELya_g&cid=CAQSMgAvHhf_vXBHZueDjt__do0IiVI_FG6rsVHrwHJAOvLshrVo_GnL32sfcZ60MIFVvcz2GAE&exk=1450222521&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:9F7EB03574572A35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 23:20:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
38570
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
server
cafe
etag
16225921609732785849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Jan 2024 23:20:07 GMT
window_focus.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 1806 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBxYM0AZKPNAELlDQBEZQ0AYGVNAF0ljQBdpY0Aa2WNAHrljQBzpc0AfyXNAH_lzQBA5g0AQmYNAEkmDQBlJg0AaWYNAG0mDQBuJg0AeOYNAHnmDQB9Jg0AfaYNAEOmTQBFpk0ARyZNAErmTQBSZk0AUqZNAFMmTQBTpk0AVGZNAFTmTQBYZk0AWiZNAF6mTQBg5k0AYaZNAFLc0EBU3NBAakgXAJX-4gCwP6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgIm-6oCQvuqAjwjqwKEJ6sCVCirAvorqwJUMKsC1DarAiU6qwIpOqsCLTqrApg7qwI9QasCG0arAjRIqwJsSqsCwk2rAmBOqwK4TqsC9FCrAgJRqwIKUasCk1WrAuxXqwIgXKsCGnGrAu9xqwKwcqsCfnOrAst0qwIXd6sCHHerAiF3qwIld6sCKnerArN4qwIIeasCUoCrAoaAqwKRgasCm4GrAsqCqwKGg6sCYoSrAiqGqwJzh6sC7YmrAp6KqwIDi6sCtYurAhSMqwK3jKsCl4-rAgOQqwIDkasCHJarAuaYqwLnm6sCqqOrAnykqwJQpasCcaWrAt6oqwKDq6sC26urAkOsqwJlrKsCgKyrAvasqwJCrqsCe66rAt-uqwI7r6sCFLGrAmKyqwIgs6sCeLOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwL4tasCA7arAje2qwLrtqsCZLerAoy3qwK0t6sCMbirAiG5qwL5uasCfbqrArG6qwIau6sC1burAjS8qwJJvKsCT7yrAhe9qwJ6vasCle0FAz9e9wSieK4FDnquBZV7rgWte64FB3yuBe18rgUTfa4FnLTFBTUDUwjwQtwJwtihDtO5-xIhxfsSWcr7EpjN-xJ75PsS4BL8Ej4V_BJrFfwSeRj8Et0a_BLsHfwS9R78Evoe_BJbn-oUYKLqFNTwWSg&awbid_c=AKAmf-A2I87P48SzhbkEICe3tDR2D1Rt84RALJtwl8WTXm1LJ7VeH2KX9QLX43fAIydQQCUpK34UnAWsnO5fMWTviZdCruFsd1zejxGeDHJmYqSwUQj0mmPbTBIxJb_YQfXapnGHdbbPEG-FrISYQoWT_Ny0pYQ7TOW4C9rKfuApoy2NOwLDB_qMOBczU2n8asKEhHI_Ws35iFmPgM0Gdim11KLesR9BTWmhzT2BIkSbwHZQGufD_s8SrxPi_gfkv95myiYu7bT1x32hlxb70Cu2x09MMaoJ_IVKIX8HaMC1tnF1ZIs7iUBA-qcPKg4bwLCfVM9l_Yp_2EUVVn44AHKAxW9cZV8E0J28V1ML2mDPJp-PtNG8eLoiEaqUgB_em4YTFrogDTBa5398VLXY3Vzs0TyO4_BKvLV6X2qhXzPV-NfME01hiChgNMt6U7bdnYt00cjuGqfinVwztal-kAxnH3VmTOkeHG3FFzXwp9Se20CxOiWV6oWlCHOblcxCwC71c4v5_5xnWbOtT9VRJYvCrtcozO-DlX-CYUclD00mUo9HdTUP1Pfd5OKsP-qG8EAaIp7pNePXW6EUSpJTrLxdQznN5QTeNA&awbid_d=AKAmf-DrUFKQGeKnNK09GkS57wfEUL9GU8O4XpnqzHiZVCHKFQ0DVVX15QKdoYgmnquGoQRswIGDkdWQJlvXnUFoVmhhzndIbyiIs_LbiNcJNIjzewZ-wEB2c0g3UBylmpanNh8QMNr0LwVeOR1iH9iIBQIGms5qfLXpXWUy5fUod8qz1029JZdMlcM6C0UUJ1uCnnBGXlheRqgwHDvwhkuy50MqbVs_jrkETkDEsCQMfHeABmP-1ZmW05P3h8PXNpJnlFigRiUnrqT6Yp9_2eJ1M76IyGO3uEKfFhpZ4_u5xoAtemEL_p9fq3dM3BZiH_zmueae8MXAHC6ybHv7QYueRgI9dvukhMUxSzcK24ZG7YMiQKLnDIkEWE2YJODZh_7HAwgfBXV1Q-nUsAm8kw6-XgCjQ1vQ-shXyPCc2UrlpVn-Az0c-BpULwvlQm_1GL0Vn4DE4uGZZYxh0JJmf23QOOxKhuQQn1odoreNC5W_kwnH--gxOOZX-mFERiF_Glkjno4V1xlpAJbJJeP7kWUATb7HS3p0Nm-bqDTKZQwiAKyHd3kyziWUpPDeHwBUb3atDIrHiMQJplmW6wgbdyDx0u06lp0fNGBTiV9-Jmg1jj5D2xYL9Uli_k0hQCP8DBCsRgVlUx-bfEXLHVW_lUnXqM5CUASMP3XtPK3hqOjNDM7yO9jdaMYKPtE5nWDhnvhej1ipKwb-WnggRRAV56JUHDPHKymzmWFe6mQGP1VB9dK3iqSorlQLukFHTBESSMZ3io1VqQnK7UEYqCo6fso9XGwCg0toffkqPkhgcHNZp6dnXhPXVYQcd4pRpg9aGhbbC7rtv7JoRL6m42cD3SqbxHd4Goh8Fj5fy3oxdkkhcQzJ2tVYns725SxvhW28YeGrXVhq17Ob2DWpyv9_G1yIsuBgpZbOU3xwQslomUBFuabSZJnT3d1KGplyl36Gfdz_1fEOpKQCsulYK6ytZ6ier2uryvJ9bmGQu0cYNZoFMFb-gszj0k2BfnWXNgRn7A679lek8MfTV7r3GNDH7o3fpcbxZMjuJjoan2mkQF0q9XKtiUpQJoMXFZgKlN6M3zfkCNPxkgc0UsUgOSk1HQraGyLyVo5bkztemPz-7bTZ1CtbEeMF8k2anm5XmNflf2EsmQU5YfEioSHJPwcg-oO1d2dUELya_g&cid=CAQSMgAvHhf_vXBHZueDjt__do0IiVI_FG6rsVHrwHJAOvLshrVo_GnL32sfcZ60MIFVvcz2GAE&exk=1450222521&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:9F7EB03574572A35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 01:55:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
29239
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1307
x-xss-protection
0
server
cafe
etag
18393213423120915576
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 01:55:38 GMT
qs_click_protection.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 1806 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBxYM0AZKPNAELlDQBEZQ0AYGVNAF0ljQBdpY0Aa2WNAHrljQBzpc0AfyXNAH_lzQBA5g0AQmYNAEkmDQBlJg0AaWYNAG0mDQBuJg0AeOYNAHnmDQB9Jg0AfaYNAEOmTQBFpk0ARyZNAErmTQBSZk0AUqZNAFMmTQBTpk0AVGZNAFTmTQBYZk0AWiZNAF6mTQBg5k0AYaZNAFLc0EBU3NBAakgXAJX-4gCwP6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgIm-6oCQvuqAjwjqwKEJ6sCVCirAvorqwJUMKsC1DarAiU6qwIpOqsCLTqrApg7qwI9QasCG0arAjRIqwJsSqsCwk2rAmBOqwK4TqsC9FCrAgJRqwIKUasCk1WrAuxXqwIgXKsCGnGrAu9xqwKwcqsCfnOrAst0qwIXd6sCHHerAiF3qwIld6sCKnerArN4qwIIeasCUoCrAoaAqwKRgasCm4GrAsqCqwKGg6sCYoSrAiqGqwJzh6sC7YmrAp6KqwIDi6sCtYurAhSMqwK3jKsCl4-rAgOQqwIDkasCHJarAuaYqwLnm6sCqqOrAnykqwJQpasCcaWrAt6oqwKDq6sC26urAkOsqwJlrKsCgKyrAvasqwJCrqsCe66rAt-uqwI7r6sCFLGrAmKyqwIgs6sCeLOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwL4tasCA7arAje2qwLrtqsCZLerAoy3qwK0t6sCMbirAiG5qwL5uasCfbqrArG6qwIau6sC1burAjS8qwJJvKsCT7yrAhe9qwJ6vasCle0FAz9e9wSieK4FDnquBZV7rgWte64FB3yuBe18rgUTfa4FnLTFBTUDUwjwQtwJwtihDtO5-xIhxfsSWcr7EpjN-xJ75PsS4BL8Ej4V_BJrFfwSeRj8Et0a_BLsHfwS9R78Evoe_BJbn-oUYKLqFNTwWSg&awbid_c=AKAmf-A2I87P48SzhbkEICe3tDR2D1Rt84RALJtwl8WTXm1LJ7VeH2KX9QLX43fAIydQQCUpK34UnAWsnO5fMWTviZdCruFsd1zejxGeDHJmYqSwUQj0mmPbTBIxJb_YQfXapnGHdbbPEG-FrISYQoWT_Ny0pYQ7TOW4C9rKfuApoy2NOwLDB_qMOBczU2n8asKEhHI_Ws35iFmPgM0Gdim11KLesR9BTWmhzT2BIkSbwHZQGufD_s8SrxPi_gfkv95myiYu7bT1x32hlxb70Cu2x09MMaoJ_IVKIX8HaMC1tnF1ZIs7iUBA-qcPKg4bwLCfVM9l_Yp_2EUVVn44AHKAxW9cZV8E0J28V1ML2mDPJp-PtNG8eLoiEaqUgB_em4YTFrogDTBa5398VLXY3Vzs0TyO4_BKvLV6X2qhXzPV-NfME01hiChgNMt6U7bdnYt00cjuGqfinVwztal-kAxnH3VmTOkeHG3FFzXwp9Se20CxOiWV6oWlCHOblcxCwC71c4v5_5xnWbOtT9VRJYvCrtcozO-DlX-CYUclD00mUo9HdTUP1Pfd5OKsP-qG8EAaIp7pNePXW6EUSpJTrLxdQznN5QTeNA&awbid_d=AKAmf-DrUFKQGeKnNK09GkS57wfEUL9GU8O4XpnqzHiZVCHKFQ0DVVX15QKdoYgmnquGoQRswIGDkdWQJlvXnUFoVmhhzndIbyiIs_LbiNcJNIjzewZ-wEB2c0g3UBylmpanNh8QMNr0LwVeOR1iH9iIBQIGms5qfLXpXWUy5fUod8qz1029JZdMlcM6C0UUJ1uCnnBGXlheRqgwHDvwhkuy50MqbVs_jrkETkDEsCQMfHeABmP-1ZmW05P3h8PXNpJnlFigRiUnrqT6Yp9_2eJ1M76IyGO3uEKfFhpZ4_u5xoAtemEL_p9fq3dM3BZiH_zmueae8MXAHC6ybHv7QYueRgI9dvukhMUxSzcK24ZG7YMiQKLnDIkEWE2YJODZh_7HAwgfBXV1Q-nUsAm8kw6-XgCjQ1vQ-shXyPCc2UrlpVn-Az0c-BpULwvlQm_1GL0Vn4DE4uGZZYxh0JJmf23QOOxKhuQQn1odoreNC5W_kwnH--gxOOZX-mFERiF_Glkjno4V1xlpAJbJJeP7kWUATb7HS3p0Nm-bqDTKZQwiAKyHd3kyziWUpPDeHwBUb3atDIrHiMQJplmW6wgbdyDx0u06lp0fNGBTiV9-Jmg1jj5D2xYL9Uli_k0hQCP8DBCsRgVlUx-bfEXLHVW_lUnXqM5CUASMP3XtPK3hqOjNDM7yO9jdaMYKPtE5nWDhnvhej1ipKwb-WnggRRAV56JUHDPHKymzmWFe6mQGP1VB9dK3iqSorlQLukFHTBESSMZ3io1VqQnK7UEYqCo6fso9XGwCg0toffkqPkhgcHNZp6dnXhPXVYQcd4pRpg9aGhbbC7rtv7JoRL6m42cD3SqbxHd4Goh8Fj5fy3oxdkkhcQzJ2tVYns725SxvhW28YeGrXVhq17Ob2DWpyv9_G1yIsuBgpZbOU3xwQslomUBFuabSZJnT3d1KGplyl36Gfdz_1fEOpKQCsulYK6ytZ6ier2uryvJ9bmGQu0cYNZoFMFb-gszj0k2BfnWXNgRn7A679lek8MfTV7r3GNDH7o3fpcbxZMjuJjoan2mkQF0q9XKtiUpQJoMXFZgKlN6M3zfkCNPxkgc0UsUgOSk1HQraGyLyVo5bkztemPz-7bTZ1CtbEeMF8k2anm5XmNflf2EsmQU5YfEioSHJPwcg-oO1d2dUELya_g&cid=CAQSMgAvHhf_vXBHZueDjt__do0IiVI_FG6rsVHrwHJAOvLshrVo_GnL32sfcZ60MIFVvcz2GAE&exk=1450222521&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:9F7EB03574572A35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425c887bd8caee3ae355f251cb53649dd492f884523e1609ce4437ef70edc727
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 00:38:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
33871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11807
x-xss-protection
0
server
cafe
etag
2895842962934950836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 00:38:26 GMT
l
www.google.com/ads/measurement/ Frame 1806 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSkP776R5rqdvmfvOHJlR9dlhSHA1naa-X_g4NFavUzop-zGvz_Q5TPXmVw4boFHYMNdTNTEnZLQITayZyCivqA995PHQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBxYM0AZKPNAELlDQBEZQ0AYGVNAF0ljQBdpY0Aa2WNAHrljQBzpc0AfyXNAH_lzQBA5g0AQmYNAEkmDQBlJg0AaWYNAG0mDQBuJg0AeOYNAHnmDQB9Jg0AfaYNAEOmTQBFpk0ARyZNAErmTQBSZk0AUqZNAFMmTQBTpk0AVGZNAFTmTQBYZk0AWiZNAF6mTQBg5k0AYaZNAFLc0EBU3NBAakgXAJX-4gCwP6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgIm-6oCQvuqAjwjqwKEJ6sCVCirAvorqwJUMKsC1DarAiU6qwIpOqsCLTqrApg7qwI9QasCG0arAjRIqwJsSqsCwk2rAmBOqwK4TqsC9FCrAgJRqwIKUasCk1WrAuxXqwIgXKsCGnGrAu9xqwKwcqsCfnOrAst0qwIXd6sCHHerAiF3qwIld6sCKnerArN4qwIIeasCUoCrAoaAqwKRgasCm4GrAsqCqwKGg6sCYoSrAiqGqwJzh6sC7YmrAp6KqwIDi6sCtYurAhSMqwK3jKsCl4-rAgOQqwIDkasCHJarAuaYqwLnm6sCqqOrAnykqwJQpasCcaWrAt6oqwKDq6sC26urAkOsqwJlrKsCgKyrAvasqwJCrqsCe66rAt-uqwI7r6sCFLGrAmKyqwIgs6sCeLOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwL4tasCA7arAje2qwLrtqsCZLerAoy3qwK0t6sCMbirAiG5qwL5uasCfbqrArG6qwIau6sC1burAjS8qwJJvKsCT7yrAhe9qwJ6vasCle0FAz9e9wSieK4FDnquBZV7rgWte64FB3yuBe18rgUTfa4FnLTFBTUDUwjwQtwJwtihDtO5-xIhxfsSWcr7EpjN-xJ75PsS4BL8Ej4V_BJrFfwSeRj8Et0a_BLsHfwS9R78Evoe_BJbn-oUYKLqFNTwWSg&awbid_c=AKAmf-A2I87P48SzhbkEICe3tDR2D1Rt84RALJtwl8WTXm1LJ7VeH2KX9QLX43fAIydQQCUpK34UnAWsnO5fMWTviZdCruFsd1zejxGeDHJmYqSwUQj0mmPbTBIxJb_YQfXapnGHdbbPEG-FrISYQoWT_Ny0pYQ7TOW4C9rKfuApoy2NOwLDB_qMOBczU2n8asKEhHI_Ws35iFmPgM0Gdim11KLesR9BTWmhzT2BIkSbwHZQGufD_s8SrxPi_gfkv95myiYu7bT1x32hlxb70Cu2x09MMaoJ_IVKIX8HaMC1tnF1ZIs7iUBA-qcPKg4bwLCfVM9l_Yp_2EUVVn44AHKAxW9cZV8E0J28V1ML2mDPJp-PtNG8eLoiEaqUgB_em4YTFrogDTBa5398VLXY3Vzs0TyO4_BKvLV6X2qhXzPV-NfME01hiChgNMt6U7bdnYt00cjuGqfinVwztal-kAxnH3VmTOkeHG3FFzXwp9Se20CxOiWV6oWlCHOblcxCwC71c4v5_5xnWbOtT9VRJYvCrtcozO-DlX-CYUclD00mUo9HdTUP1Pfd5OKsP-qG8EAaIp7pNePXW6EUSpJTrLxdQznN5QTeNA&awbid_d=AKAmf-DrUFKQGeKnNK09GkS57wfEUL9GU8O4XpnqzHiZVCHKFQ0DVVX15QKdoYgmnquGoQRswIGDkdWQJlvXnUFoVmhhzndIbyiIs_LbiNcJNIjzewZ-wEB2c0g3UBylmpanNh8QMNr0LwVeOR1iH9iIBQIGms5qfLXpXWUy5fUod8qz1029JZdMlcM6C0UUJ1uCnnBGXlheRqgwHDvwhkuy50MqbVs_jrkETkDEsCQMfHeABmP-1ZmW05P3h8PXNpJnlFigRiUnrqT6Yp9_2eJ1M76IyGO3uEKfFhpZ4_u5xoAtemEL_p9fq3dM3BZiH_zmueae8MXAHC6ybHv7QYueRgI9dvukhMUxSzcK24ZG7YMiQKLnDIkEWE2YJODZh_7HAwgfBXV1Q-nUsAm8kw6-XgCjQ1vQ-shXyPCc2UrlpVn-Az0c-BpULwvlQm_1GL0Vn4DE4uGZZYxh0JJmf23QOOxKhuQQn1odoreNC5W_kwnH--gxOOZX-mFERiF_Glkjno4V1xlpAJbJJeP7kWUATb7HS3p0Nm-bqDTKZQwiAKyHd3kyziWUpPDeHwBUb3atDIrHiMQJplmW6wgbdyDx0u06lp0fNGBTiV9-Jmg1jj5D2xYL9Uli_k0hQCP8DBCsRgVlUx-bfEXLHVW_lUnXqM5CUASMP3XtPK3hqOjNDM7yO9jdaMYKPtE5nWDhnvhej1ipKwb-WnggRRAV56JUHDPHKymzmWFe6mQGP1VB9dK3iqSorlQLukFHTBESSMZ3io1VqQnK7UEYqCo6fso9XGwCg0toffkqPkhgcHNZp6dnXhPXVYQcd4pRpg9aGhbbC7rtv7JoRL6m42cD3SqbxHd4Goh8Fj5fy3oxdkkhcQzJ2tVYns725SxvhW28YeGrXVhq17Ob2DWpyv9_G1yIsuBgpZbOU3xwQslomUBFuabSZJnT3d1KGplyl36Gfdz_1fEOpKQCsulYK6ytZ6ier2uryvJ9bmGQu0cYNZoFMFb-gszj0k2BfnWXNgRn7A679lek8MfTV7r3GNDH7o3fpcbxZMjuJjoan2mkQF0q9XKtiUpQJoMXFZgKlN6M3zfkCNPxkgc0UsUgOSk1HQraGyLyVo5bkztemPz-7bTZ1CtbEeMF8k2anm5XmNflf2EsmQU5YfEioSHJPwcg-oO1d2dUELya_g&cid=CAQSMgAvHhf_vXBHZueDjt__do0IiVI_FG6rsVHrwHJAOvLshrVo_GnL32sfcZ60MIFVvcz2GAE&exk=1450222521&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:9F7EB03574572A35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1806 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBxYM0AZKPNAELlDQBEZQ0AYGVNAF0ljQBdpY0Aa2WNAHrljQBzpc0AfyXNAH_lzQBA5g0AQmYNAEkmDQBlJg0AaWYNAG0mDQBuJg0AeOYNAHnmDQB9Jg0AfaYNAEOmTQBFpk0ARyZNAErmTQBSZk0AUqZNAFMmTQBTpk0AVGZNAFTmTQBYZk0AWiZNAF6mTQBg5k0AYaZNAFLc0EBU3NBAakgXAJX-4gCwP6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgIm-6oCQvuqAjwjqwKEJ6sCVCirAvorqwJUMKsC1DarAiU6qwIpOqsCLTqrApg7qwI9QasCG0arAjRIqwJsSqsCwk2rAmBOqwK4TqsC9FCrAgJRqwIKUasCk1WrAuxXqwIgXKsCGnGrAu9xqwKwcqsCfnOrAst0qwIXd6sCHHerAiF3qwIld6sCKnerArN4qwIIeasCUoCrAoaAqwKRgasCm4GrAsqCqwKGg6sCYoSrAiqGqwJzh6sC7YmrAp6KqwIDi6sCtYurAhSMqwK3jKsCl4-rAgOQqwIDkasCHJarAuaYqwLnm6sCqqOrAnykqwJQpasCcaWrAt6oqwKDq6sC26urAkOsqwJlrKsCgKyrAvasqwJCrqsCe66rAt-uqwI7r6sCFLGrAmKyqwIgs6sCeLOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwL4tasCA7arAje2qwLrtqsCZLerAoy3qwK0t6sCMbirAiG5qwL5uasCfbqrArG6qwIau6sC1burAjS8qwJJvKsCT7yrAhe9qwJ6vasCle0FAz9e9wSieK4FDnquBZV7rgWte64FB3yuBe18rgUTfa4FnLTFBTUDUwjwQtwJwtihDtO5-xIhxfsSWcr7EpjN-xJ75PsS4BL8Ej4V_BJrFfwSeRj8Et0a_BLsHfwS9R78Evoe_BJbn-oUYKLqFNTwWSg&awbid_c=AKAmf-A2I87P48SzhbkEICe3tDR2D1Rt84RALJtwl8WTXm1LJ7VeH2KX9QLX43fAIydQQCUpK34UnAWsnO5fMWTviZdCruFsd1zejxGeDHJmYqSwUQj0mmPbTBIxJb_YQfXapnGHdbbPEG-FrISYQoWT_Ny0pYQ7TOW4C9rKfuApoy2NOwLDB_qMOBczU2n8asKEhHI_Ws35iFmPgM0Gdim11KLesR9BTWmhzT2BIkSbwHZQGufD_s8SrxPi_gfkv95myiYu7bT1x32hlxb70Cu2x09MMaoJ_IVKIX8HaMC1tnF1ZIs7iUBA-qcPKg4bwLCfVM9l_Yp_2EUVVn44AHKAxW9cZV8E0J28V1ML2mDPJp-PtNG8eLoiEaqUgB_em4YTFrogDTBa5398VLXY3Vzs0TyO4_BKvLV6X2qhXzPV-NfME01hiChgNMt6U7bdnYt00cjuGqfinVwztal-kAxnH3VmTOkeHG3FFzXwp9Se20CxOiWV6oWlCHOblcxCwC71c4v5_5xnWbOtT9VRJYvCrtcozO-DlX-CYUclD00mUo9HdTUP1Pfd5OKsP-qG8EAaIp7pNePXW6EUSpJTrLxdQznN5QTeNA&awbid_d=AKAmf-DrUFKQGeKnNK09GkS57wfEUL9GU8O4XpnqzHiZVCHKFQ0DVVX15QKdoYgmnquGoQRswIGDkdWQJlvXnUFoVmhhzndIbyiIs_LbiNcJNIjzewZ-wEB2c0g3UBylmpanNh8QMNr0LwVeOR1iH9iIBQIGms5qfLXpXWUy5fUod8qz1029JZdMlcM6C0UUJ1uCnnBGXlheRqgwHDvwhkuy50MqbVs_jrkETkDEsCQMfHeABmP-1ZmW05P3h8PXNpJnlFigRiUnrqT6Yp9_2eJ1M76IyGO3uEKfFhpZ4_u5xoAtemEL_p9fq3dM3BZiH_zmueae8MXAHC6ybHv7QYueRgI9dvukhMUxSzcK24ZG7YMiQKLnDIkEWE2YJODZh_7HAwgfBXV1Q-nUsAm8kw6-XgCjQ1vQ-shXyPCc2UrlpVn-Az0c-BpULwvlQm_1GL0Vn4DE4uGZZYxh0JJmf23QOOxKhuQQn1odoreNC5W_kwnH--gxOOZX-mFERiF_Glkjno4V1xlpAJbJJeP7kWUATb7HS3p0Nm-bqDTKZQwiAKyHd3kyziWUpPDeHwBUb3atDIrHiMQJplmW6wgbdyDx0u06lp0fNGBTiV9-Jmg1jj5D2xYL9Uli_k0hQCP8DBCsRgVlUx-bfEXLHVW_lUnXqM5CUASMP3XtPK3hqOjNDM7yO9jdaMYKPtE5nWDhnvhej1ipKwb-WnggRRAV56JUHDPHKymzmWFe6mQGP1VB9dK3iqSorlQLukFHTBESSMZ3io1VqQnK7UEYqCo6fso9XGwCg0toffkqPkhgcHNZp6dnXhPXVYQcd4pRpg9aGhbbC7rtv7JoRL6m42cD3SqbxHd4Goh8Fj5fy3oxdkkhcQzJ2tVYns725SxvhW28YeGrXVhq17Ob2DWpyv9_G1yIsuBgpZbOU3xwQslomUBFuabSZJnT3d1KGplyl36Gfdz_1fEOpKQCsulYK6ytZ6ier2uryvJ9bmGQu0cYNZoFMFb-gszj0k2BfnWXNgRn7A679lek8MfTV7r3GNDH7o3fpcbxZMjuJjoan2mkQF0q9XKtiUpQJoMXFZgKlN6M3zfkCNPxkgc0UsUgOSk1HQraGyLyVo5bkztemPz-7bTZ1CtbEeMF8k2anm5XmNflf2EsmQU5YfEioSHJPwcg-oO1d2dUELya_g&cid=CAQSMgAvHhf_vXBHZueDjt__do0IiVI_FG6rsVHrwHJAOvLshrVo_GnL32sfcZ60MIFVvcz2GAE&exk=1450222521&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:9F7EB03574572A35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62516
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Jan 2024 10:02:57 GMT
54d1c22c3cbefc4e5c3655ead0d764a5.js
www.gstatic.com/mysidia/ Frame 1806 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/54d1c22c3cbefc4e5c3655ead0d764a5.js?tag=mysidia_one_click_handler_one_afma
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBxYM0AZKPNAELlDQBEZQ0AYGVNAF0ljQBdpY0Aa2WNAHrljQBzpc0AfyXNAH_lzQBA5g0AQmYNAEkmDQBlJg0AaWYNAG0mDQBuJg0AeOYNAHnmDQB9Jg0AfaYNAEOmTQBFpk0ARyZNAErmTQBSZk0AUqZNAFMmTQBTpk0AVGZNAFTmTQBYZk0AWiZNAF6mTQBg5k0AYaZNAFLc0EBU3NBAakgXAJX-4gCwP6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgIm-6oCQvuqAjwjqwKEJ6sCVCirAvorqwJUMKsC1DarAiU6qwIpOqsCLTqrApg7qwI9QasCG0arAjRIqwJsSqsCwk2rAmBOqwK4TqsC9FCrAgJRqwIKUasCk1WrAuxXqwIgXKsCGnGrAu9xqwKwcqsCfnOrAst0qwIXd6sCHHerAiF3qwIld6sCKnerArN4qwIIeasCUoCrAoaAqwKRgasCm4GrAsqCqwKGg6sCYoSrAiqGqwJzh6sC7YmrAp6KqwIDi6sCtYurAhSMqwK3jKsCl4-rAgOQqwIDkasCHJarAuaYqwLnm6sCqqOrAnykqwJQpasCcaWrAt6oqwKDq6sC26urAkOsqwJlrKsCgKyrAvasqwJCrqsCe66rAt-uqwI7r6sCFLGrAmKyqwIgs6sCeLOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwL4tasCA7arAje2qwLrtqsCZLerAoy3qwK0t6sCMbirAiG5qwL5uasCfbqrArG6qwIau6sC1burAjS8qwJJvKsCT7yrAhe9qwJ6vasCle0FAz9e9wSieK4FDnquBZV7rgWte64FB3yuBe18rgUTfa4FnLTFBTUDUwjwQtwJwtihDtO5-xIhxfsSWcr7EpjN-xJ75PsS4BL8Ej4V_BJrFfwSeRj8Et0a_BLsHfwS9R78Evoe_BJbn-oUYKLqFNTwWSg&awbid_c=AKAmf-A2I87P48SzhbkEICe3tDR2D1Rt84RALJtwl8WTXm1LJ7VeH2KX9QLX43fAIydQQCUpK34UnAWsnO5fMWTviZdCruFsd1zejxGeDHJmYqSwUQj0mmPbTBIxJb_YQfXapnGHdbbPEG-FrISYQoWT_Ny0pYQ7TOW4C9rKfuApoy2NOwLDB_qMOBczU2n8asKEhHI_Ws35iFmPgM0Gdim11KLesR9BTWmhzT2BIkSbwHZQGufD_s8SrxPi_gfkv95myiYu7bT1x32hlxb70Cu2x09MMaoJ_IVKIX8HaMC1tnF1ZIs7iUBA-qcPKg4bwLCfVM9l_Yp_2EUVVn44AHKAxW9cZV8E0J28V1ML2mDPJp-PtNG8eLoiEaqUgB_em4YTFrogDTBa5398VLXY3Vzs0TyO4_BKvLV6X2qhXzPV-NfME01hiChgNMt6U7bdnYt00cjuGqfinVwztal-kAxnH3VmTOkeHG3FFzXwp9Se20CxOiWV6oWlCHOblcxCwC71c4v5_5xnWbOtT9VRJYvCrtcozO-DlX-CYUclD00mUo9HdTUP1Pfd5OKsP-qG8EAaIp7pNePXW6EUSpJTrLxdQznN5QTeNA&awbid_d=AKAmf-DrUFKQGeKnNK09GkS57wfEUL9GU8O4XpnqzHiZVCHKFQ0DVVX15QKdoYgmnquGoQRswIGDkdWQJlvXnUFoVmhhzndIbyiIs_LbiNcJNIjzewZ-wEB2c0g3UBylmpanNh8QMNr0LwVeOR1iH9iIBQIGms5qfLXpXWUy5fUod8qz1029JZdMlcM6C0UUJ1uCnnBGXlheRqgwHDvwhkuy50MqbVs_jrkETkDEsCQMfHeABmP-1ZmW05P3h8PXNpJnlFigRiUnrqT6Yp9_2eJ1M76IyGO3uEKfFhpZ4_u5xoAtemEL_p9fq3dM3BZiH_zmueae8MXAHC6ybHv7QYueRgI9dvukhMUxSzcK24ZG7YMiQKLnDIkEWE2YJODZh_7HAwgfBXV1Q-nUsAm8kw6-XgCjQ1vQ-shXyPCc2UrlpVn-Az0c-BpULwvlQm_1GL0Vn4DE4uGZZYxh0JJmf23QOOxKhuQQn1odoreNC5W_kwnH--gxOOZX-mFERiF_Glkjno4V1xlpAJbJJeP7kWUATb7HS3p0Nm-bqDTKZQwiAKyHd3kyziWUpPDeHwBUb3atDIrHiMQJplmW6wgbdyDx0u06lp0fNGBTiV9-Jmg1jj5D2xYL9Uli_k0hQCP8DBCsRgVlUx-bfEXLHVW_lUnXqM5CUASMP3XtPK3hqOjNDM7yO9jdaMYKPtE5nWDhnvhej1ipKwb-WnggRRAV56JUHDPHKymzmWFe6mQGP1VB9dK3iqSorlQLukFHTBESSMZ3io1VqQnK7UEYqCo6fso9XGwCg0toffkqPkhgcHNZp6dnXhPXVYQcd4pRpg9aGhbbC7rtv7JoRL6m42cD3SqbxHd4Goh8Fj5fy3oxdkkhcQzJ2tVYns725SxvhW28YeGrXVhq17Ob2DWpyv9_G1yIsuBgpZbOU3xwQslomUBFuabSZJnT3d1KGplyl36Gfdz_1fEOpKQCsulYK6ytZ6ier2uryvJ9bmGQu0cYNZoFMFb-gszj0k2BfnWXNgRn7A679lek8MfTV7r3GNDH7o3fpcbxZMjuJjoan2mkQF0q9XKtiUpQJoMXFZgKlN6M3zfkCNPxkgc0UsUgOSk1HQraGyLyVo5bkztemPz-7bTZ1CtbEeMF8k2anm5XmNflf2EsmQU5YfEioSHJPwcg-oO1d2dUELya_g&cid=CAQSMgAvHhf_vXBHZueDjt__do0IiVI_FG6rsVHrwHJAOvLshrVo_GnL32sfcZ60MIFVvcz2GAE&exk=1450222521&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:9F7EB03574572A35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b496fae0bf22e95b2ff8eb5477cb418c118245ac7e9a042dc5bac4a59e7ec249
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:49:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20527
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 01 Apr 2024 13:49:16 GMT
usync.js
eus.rubiconproject.com/ Frame 8FAD 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.82.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-82-37.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa614642f7e3e6eab1f82e2fd370e94d6ab3816f94654f5a5b5917788b7930f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Wed, 03 Jan 2024 10:02:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Jan 2024 07:28:05 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=77079
Connection
keep-alive
Content-Length
13174
Expires
Thu, 04 Jan 2024 07:27:36 GMT
player.min.js
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/ 		2 MB
601 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js
Requested by
Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
fabfd5922cbfe6a5a7a8638983fc73ef00a30da4c9e801d660f1db8a6589307f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
gzip
x-openstack-request-id
tx35d3a64fb22646349535b-0065944f89
last-modified
Wed, 20 Dec 2023 17:59:30 GMT
x-thanos
0AB54009
vary
Accept-Encoding, Origin
x-object-meta-mtime
1703093777.000000
content-type
application/javascript
x-timestamp
1703095169.16620
cache-control
public, max-age=86400
x-trans-id
tx35d3a64fb22646349535b-0065944f89
x-request-id
08cdb191-0f92-4ef7-a05f-51ea6ff0b473
shopping
encrypted-tbn3.gstatic.com/ Frame 1806 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTMTCqNkU6-SFbOsGrezGzYE7G9JL8z2dGwA5jE6B8nqdqv_HVswEnvX_ZiiL4&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBxYM0AZKPNAELlDQBEZQ0AYGVNAF0ljQBdpY0Aa2WNAHrljQBzpc0AfyXNAH_lzQBA5g0AQmYNAEkmDQBlJg0AaWYNAG0mDQBuJg0AeOYNAHnmDQB9Jg0AfaYNAEOmTQBFpk0ARyZNAErmTQBSZk0AUqZNAFMmTQBTpk0AVGZNAFTmTQBYZk0AWiZNAF6mTQBg5k0AYaZNAFLc0EBU3NBAakgXAJX-4gCwP6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgIm-6oCQvuqAjwjqwKEJ6sCVCirAvorqwJUMKsC1DarAiU6qwIpOqsCLTqrApg7qwI9QasCG0arAjRIqwJsSqsCwk2rAmBOqwK4TqsC9FCrAgJRqwIKUasCk1WrAuxXqwIgXKsCGnGrAu9xqwKwcqsCfnOrAst0qwIXd6sCHHerAiF3qwIld6sCKnerArN4qwIIeasCUoCrAoaAqwKRgasCm4GrAsqCqwKGg6sCYoSrAiqGqwJzh6sC7YmrAp6KqwIDi6sCtYurAhSMqwK3jKsCl4-rAgOQqwIDkasCHJarAuaYqwLnm6sCqqOrAnykqwJQpasCcaWrAt6oqwKDq6sC26urAkOsqwJlrKsCgKyrAvasqwJCrqsCe66rAt-uqwI7r6sCFLGrAmKyqwIgs6sCeLOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwL4tasCA7arAje2qwLrtqsCZLerAoy3qwK0t6sCMbirAiG5qwL5uasCfbqrArG6qwIau6sC1burAjS8qwJJvKsCT7yrAhe9qwJ6vasCle0FAz9e9wSieK4FDnquBZV7rgWte64FB3yuBe18rgUTfa4FnLTFBTUDUwjwQtwJwtihDtO5-xIhxfsSWcr7EpjN-xJ75PsS4BL8Ej4V_BJrFfwSeRj8Et0a_BLsHfwS9R78Evoe_BJbn-oUYKLqFNTwWSg&awbid_c=AKAmf-A2I87P48SzhbkEICe3tDR2D1Rt84RALJtwl8WTXm1LJ7VeH2KX9QLX43fAIydQQCUpK34UnAWsnO5fMWTviZdCruFsd1zejxGeDHJmYqSwUQj0mmPbTBIxJb_YQfXapnGHdbbPEG-FrISYQoWT_Ny0pYQ7TOW4C9rKfuApoy2NOwLDB_qMOBczU2n8asKEhHI_Ws35iFmPgM0Gdim11KLesR9BTWmhzT2BIkSbwHZQGufD_s8SrxPi_gfkv95myiYu7bT1x32hlxb70Cu2x09MMaoJ_IVKIX8HaMC1tnF1ZIs7iUBA-qcPKg4bwLCfVM9l_Yp_2EUVVn44AHKAxW9cZV8E0J28V1ML2mDPJp-PtNG8eLoiEaqUgB_em4YTFrogDTBa5398VLXY3Vzs0TyO4_BKvLV6X2qhXzPV-NfME01hiChgNMt6U7bdnYt00cjuGqfinVwztal-kAxnH3VmTOkeHG3FFzXwp9Se20CxOiWV6oWlCHOblcxCwC71c4v5_5xnWbOtT9VRJYvCrtcozO-DlX-CYUclD00mUo9HdTUP1Pfd5OKsP-qG8EAaIp7pNePXW6EUSpJTrLxdQznN5QTeNA&awbid_d=AKAmf-DrUFKQGeKnNK09GkS57wfEUL9GU8O4XpnqzHiZVCHKFQ0DVVX15QKdoYgmnquGoQRswIGDkdWQJlvXnUFoVmhhzndIbyiIs_LbiNcJNIjzewZ-wEB2c0g3UBylmpanNh8QMNr0LwVeOR1iH9iIBQIGms5qfLXpXWUy5fUod8qz1029JZdMlcM6C0UUJ1uCnnBGXlheRqgwHDvwhkuy50MqbVs_jrkETkDEsCQMfHeABmP-1ZmW05P3h8PXNpJnlFigRiUnrqT6Yp9_2eJ1M76IyGO3uEKfFhpZ4_u5xoAtemEL_p9fq3dM3BZiH_zmueae8MXAHC6ybHv7QYueRgI9dvukhMUxSzcK24ZG7YMiQKLnDIkEWE2YJODZh_7HAwgfBXV1Q-nUsAm8kw6-XgCjQ1vQ-shXyPCc2UrlpVn-Az0c-BpULwvlQm_1GL0Vn4DE4uGZZYxh0JJmf23QOOxKhuQQn1odoreNC5W_kwnH--gxOOZX-mFERiF_Glkjno4V1xlpAJbJJeP7kWUATb7HS3p0Nm-bqDTKZQwiAKyHd3kyziWUpPDeHwBUb3atDIrHiMQJplmW6wgbdyDx0u06lp0fNGBTiV9-Jmg1jj5D2xYL9Uli_k0hQCP8DBCsRgVlUx-bfEXLHVW_lUnXqM5CUASMP3XtPK3hqOjNDM7yO9jdaMYKPtE5nWDhnvhej1ipKwb-WnggRRAV56JUHDPHKymzmWFe6mQGP1VB9dK3iqSorlQLukFHTBESSMZ3io1VqQnK7UEYqCo6fso9XGwCg0toffkqPkhgcHNZp6dnXhPXVYQcd4pRpg9aGhbbC7rtv7JoRL6m42cD3SqbxHd4Goh8Fj5fy3oxdkkhcQzJ2tVYns725SxvhW28YeGrXVhq17Ob2DWpyv9_G1yIsuBgpZbOU3xwQslomUBFuabSZJnT3d1KGplyl36Gfdz_1fEOpKQCsulYK6ytZ6ier2uryvJ9bmGQu0cYNZoFMFb-gszj0k2BfnWXNgRn7A679lek8MfTV7r3GNDH7o3fpcbxZMjuJjoan2mkQF0q9XKtiUpQJoMXFZgKlN6M3zfkCNPxkgc0UsUgOSk1HQraGyLyVo5bkztemPz-7bTZ1CtbEeMF8k2anm5XmNflf2EsmQU5YfEioSHJPwcg-oO1d2dUELya_g&cid=CAQSMgAvHhf_vXBHZueDjt__do0IiVI_FG6rsVHrwHJAOvLshrVo_GnL32sfcZ60MIFVvcz2GAE&exk=1450222521&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:9F7EB03574572A35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a282354be8e80edaa0b8c5bb56e3552d9e879386fcf656c89589ecd876a8795
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 01:31:58 GMT
x-content-type-options
nosniff
age
30659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33941
x-xss-protection
0
last-modified
Sat, 24 Feb 2024 09:45:21 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 02 Jan 2025 01:31:58 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 1806 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcS13ZDNYcOkXdLu4Rz7j_2Ts0LFmYL5NsrJiBuLhDS_LfJAFJ5W3VHs0vaVYYE&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBxYM0AZKPNAELlDQBEZQ0AYGVNAF0ljQBdpY0Aa2WNAHrljQBzpc0AfyXNAH_lzQBA5g0AQmYNAEkmDQBlJg0AaWYNAG0mDQBuJg0AeOYNAHnmDQB9Jg0AfaYNAEOmTQBFpk0ARyZNAErmTQBSZk0AUqZNAFMmTQBTpk0AVGZNAFTmTQBYZk0AWiZNAF6mTQBg5k0AYaZNAFLc0EBU3NBAakgXAJX-4gCwP6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgIm-6oCQvuqAjwjqwKEJ6sCVCirAvorqwJUMKsC1DarAiU6qwIpOqsCLTqrApg7qwI9QasCG0arAjRIqwJsSqsCwk2rAmBOqwK4TqsC9FCrAgJRqwIKUasCk1WrAuxXqwIgXKsCGnGrAu9xqwKwcqsCfnOrAst0qwIXd6sCHHerAiF3qwIld6sCKnerArN4qwIIeasCUoCrAoaAqwKRgasCm4GrAsqCqwKGg6sCYoSrAiqGqwJzh6sC7YmrAp6KqwIDi6sCtYurAhSMqwK3jKsCl4-rAgOQqwIDkasCHJarAuaYqwLnm6sCqqOrAnykqwJQpasCcaWrAt6oqwKDq6sC26urAkOsqwJlrKsCgKyrAvasqwJCrqsCe66rAt-uqwI7r6sCFLGrAmKyqwIgs6sCeLOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwL4tasCA7arAje2qwLrtqsCZLerAoy3qwK0t6sCMbirAiG5qwL5uasCfbqrArG6qwIau6sC1burAjS8qwJJvKsCT7yrAhe9qwJ6vasCle0FAz9e9wSieK4FDnquBZV7rgWte64FB3yuBe18rgUTfa4FnLTFBTUDUwjwQtwJwtihDtO5-xIhxfsSWcr7EpjN-xJ75PsS4BL8Ej4V_BJrFfwSeRj8Et0a_BLsHfwS9R78Evoe_BJbn-oUYKLqFNTwWSg&awbid_c=AKAmf-A2I87P48SzhbkEICe3tDR2D1Rt84RALJtwl8WTXm1LJ7VeH2KX9QLX43fAIydQQCUpK34UnAWsnO5fMWTviZdCruFsd1zejxGeDHJmYqSwUQj0mmPbTBIxJb_YQfXapnGHdbbPEG-FrISYQoWT_Ny0pYQ7TOW4C9rKfuApoy2NOwLDB_qMOBczU2n8asKEhHI_Ws35iFmPgM0Gdim11KLesR9BTWmhzT2BIkSbwHZQGufD_s8SrxPi_gfkv95myiYu7bT1x32hlxb70Cu2x09MMaoJ_IVKIX8HaMC1tnF1ZIs7iUBA-qcPKg4bwLCfVM9l_Yp_2EUVVn44AHKAxW9cZV8E0J28V1ML2mDPJp-PtNG8eLoiEaqUgB_em4YTFrogDTBa5398VLXY3Vzs0TyO4_BKvLV6X2qhXzPV-NfME01hiChgNMt6U7bdnYt00cjuGqfinVwztal-kAxnH3VmTOkeHG3FFzXwp9Se20CxOiWV6oWlCHOblcxCwC71c4v5_5xnWbOtT9VRJYvCrtcozO-DlX-CYUclD00mUo9HdTUP1Pfd5OKsP-qG8EAaIp7pNePXW6EUSpJTrLxdQznN5QTeNA&awbid_d=AKAmf-DrUFKQGeKnNK09GkS57wfEUL9GU8O4XpnqzHiZVCHKFQ0DVVX15QKdoYgmnquGoQRswIGDkdWQJlvXnUFoVmhhzndIbyiIs_LbiNcJNIjzewZ-wEB2c0g3UBylmpanNh8QMNr0LwVeOR1iH9iIBQIGms5qfLXpXWUy5fUod8qz1029JZdMlcM6C0UUJ1uCnnBGXlheRqgwHDvwhkuy50MqbVs_jrkETkDEsCQMfHeABmP-1ZmW05P3h8PXNpJnlFigRiUnrqT6Yp9_2eJ1M76IyGO3uEKfFhpZ4_u5xoAtemEL_p9fq3dM3BZiH_zmueae8MXAHC6ybHv7QYueRgI9dvukhMUxSzcK24ZG7YMiQKLnDIkEWE2YJODZh_7HAwgfBXV1Q-nUsAm8kw6-XgCjQ1vQ-shXyPCc2UrlpVn-Az0c-BpULwvlQm_1GL0Vn4DE4uGZZYxh0JJmf23QOOxKhuQQn1odoreNC5W_kwnH--gxOOZX-mFERiF_Glkjno4V1xlpAJbJJeP7kWUATb7HS3p0Nm-bqDTKZQwiAKyHd3kyziWUpPDeHwBUb3atDIrHiMQJplmW6wgbdyDx0u06lp0fNGBTiV9-Jmg1jj5D2xYL9Uli_k0hQCP8DBCsRgVlUx-bfEXLHVW_lUnXqM5CUASMP3XtPK3hqOjNDM7yO9jdaMYKPtE5nWDhnvhej1ipKwb-WnggRRAV56JUHDPHKymzmWFe6mQGP1VB9dK3iqSorlQLukFHTBESSMZ3io1VqQnK7UEYqCo6fso9XGwCg0toffkqPkhgcHNZp6dnXhPXVYQcd4pRpg9aGhbbC7rtv7JoRL6m42cD3SqbxHd4Goh8Fj5fy3oxdkkhcQzJ2tVYns725SxvhW28YeGrXVhq17Ob2DWpyv9_G1yIsuBgpZbOU3xwQslomUBFuabSZJnT3d1KGplyl36Gfdz_1fEOpKQCsulYK6ytZ6ier2uryvJ9bmGQu0cYNZoFMFb-gszj0k2BfnWXNgRn7A679lek8MfTV7r3GNDH7o3fpcbxZMjuJjoan2mkQF0q9XKtiUpQJoMXFZgKlN6M3zfkCNPxkgc0UsUgOSk1HQraGyLyVo5bkztemPz-7bTZ1CtbEeMF8k2anm5XmNflf2EsmQU5YfEioSHJPwcg-oO1d2dUELya_g&cid=CAQSMgAvHhf_vXBHZueDjt__do0IiVI_FG6rsVHrwHJAOvLshrVo_GnL32sfcZ60MIFVvcz2GAE&exk=1450222521&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:9F7EB03574572A35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14f386f7c5c13cd3869ac5018708bbe38719848f6511636bd7cb3b8c51586cfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 17:21:08 GMT
x-content-type-options
nosniff
age
146509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34092
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 09:44:54 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 31 Dec 2024 17:21:08 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 1806 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT5Pi2qwXBuo2wRxtEHOxNLHkXPCZ8mn0HSIu_8E19Omonau7mM-8IgszUE-g&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBxYM0AZKPNAELlDQBEZQ0AYGVNAF0ljQBdpY0Aa2WNAHrljQBzpc0AfyXNAH_lzQBA5g0AQmYNAEkmDQBlJg0AaWYNAG0mDQBuJg0AeOYNAHnmDQB9Jg0AfaYNAEOmTQBFpk0ARyZNAErmTQBSZk0AUqZNAFMmTQBTpk0AVGZNAFTmTQBYZk0AWiZNAF6mTQBg5k0AYaZNAFLc0EBU3NBAakgXAJX-4gCwP6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgIm-6oCQvuqAjwjqwKEJ6sCVCirAvorqwJUMKsC1DarAiU6qwIpOqsCLTqrApg7qwI9QasCG0arAjRIqwJsSqsCwk2rAmBOqwK4TqsC9FCrAgJRqwIKUasCk1WrAuxXqwIgXKsCGnGrAu9xqwKwcqsCfnOrAst0qwIXd6sCHHerAiF3qwIld6sCKnerArN4qwIIeasCUoCrAoaAqwKRgasCm4GrAsqCqwKGg6sCYoSrAiqGqwJzh6sC7YmrAp6KqwIDi6sCtYurAhSMqwK3jKsCl4-rAgOQqwIDkasCHJarAuaYqwLnm6sCqqOrAnykqwJQpasCcaWrAt6oqwKDq6sC26urAkOsqwJlrKsCgKyrAvasqwJCrqsCe66rAt-uqwI7r6sCFLGrAmKyqwIgs6sCeLOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwL4tasCA7arAje2qwLrtqsCZLerAoy3qwK0t6sCMbirAiG5qwL5uasCfbqrArG6qwIau6sC1burAjS8qwJJvKsCT7yrAhe9qwJ6vasCle0FAz9e9wSieK4FDnquBZV7rgWte64FB3yuBe18rgUTfa4FnLTFBTUDUwjwQtwJwtihDtO5-xIhxfsSWcr7EpjN-xJ75PsS4BL8Ej4V_BJrFfwSeRj8Et0a_BLsHfwS9R78Evoe_BJbn-oUYKLqFNTwWSg&awbid_c=AKAmf-A2I87P48SzhbkEICe3tDR2D1Rt84RALJtwl8WTXm1LJ7VeH2KX9QLX43fAIydQQCUpK34UnAWsnO5fMWTviZdCruFsd1zejxGeDHJmYqSwUQj0mmPbTBIxJb_YQfXapnGHdbbPEG-FrISYQoWT_Ny0pYQ7TOW4C9rKfuApoy2NOwLDB_qMOBczU2n8asKEhHI_Ws35iFmPgM0Gdim11KLesR9BTWmhzT2BIkSbwHZQGufD_s8SrxPi_gfkv95myiYu7bT1x32hlxb70Cu2x09MMaoJ_IVKIX8HaMC1tnF1ZIs7iUBA-qcPKg4bwLCfVM9l_Yp_2EUVVn44AHKAxW9cZV8E0J28V1ML2mDPJp-PtNG8eLoiEaqUgB_em4YTFrogDTBa5398VLXY3Vzs0TyO4_BKvLV6X2qhXzPV-NfME01hiChgNMt6U7bdnYt00cjuGqfinVwztal-kAxnH3VmTOkeHG3FFzXwp9Se20CxOiWV6oWlCHOblcxCwC71c4v5_5xnWbOtT9VRJYvCrtcozO-DlX-CYUclD00mUo9HdTUP1Pfd5OKsP-qG8EAaIp7pNePXW6EUSpJTrLxdQznN5QTeNA&awbid_d=AKAmf-DrUFKQGeKnNK09GkS57wfEUL9GU8O4XpnqzHiZVCHKFQ0DVVX15QKdoYgmnquGoQRswIGDkdWQJlvXnUFoVmhhzndIbyiIs_LbiNcJNIjzewZ-wEB2c0g3UBylmpanNh8QMNr0LwVeOR1iH9iIBQIGms5qfLXpXWUy5fUod8qz1029JZdMlcM6C0UUJ1uCnnBGXlheRqgwHDvwhkuy50MqbVs_jrkETkDEsCQMfHeABmP-1ZmW05P3h8PXNpJnlFigRiUnrqT6Yp9_2eJ1M76IyGO3uEKfFhpZ4_u5xoAtemEL_p9fq3dM3BZiH_zmueae8MXAHC6ybHv7QYueRgI9dvukhMUxSzcK24ZG7YMiQKLnDIkEWE2YJODZh_7HAwgfBXV1Q-nUsAm8kw6-XgCjQ1vQ-shXyPCc2UrlpVn-Az0c-BpULwvlQm_1GL0Vn4DE4uGZZYxh0JJmf23QOOxKhuQQn1odoreNC5W_kwnH--gxOOZX-mFERiF_Glkjno4V1xlpAJbJJeP7kWUATb7HS3p0Nm-bqDTKZQwiAKyHd3kyziWUpPDeHwBUb3atDIrHiMQJplmW6wgbdyDx0u06lp0fNGBTiV9-Jmg1jj5D2xYL9Uli_k0hQCP8DBCsRgVlUx-bfEXLHVW_lUnXqM5CUASMP3XtPK3hqOjNDM7yO9jdaMYKPtE5nWDhnvhej1ipKwb-WnggRRAV56JUHDPHKymzmWFe6mQGP1VB9dK3iqSorlQLukFHTBESSMZ3io1VqQnK7UEYqCo6fso9XGwCg0toffkqPkhgcHNZp6dnXhPXVYQcd4pRpg9aGhbbC7rtv7JoRL6m42cD3SqbxHd4Goh8Fj5fy3oxdkkhcQzJ2tVYns725SxvhW28YeGrXVhq17Ob2DWpyv9_G1yIsuBgpZbOU3xwQslomUBFuabSZJnT3d1KGplyl36Gfdz_1fEOpKQCsulYK6ytZ6ier2uryvJ9bmGQu0cYNZoFMFb-gszj0k2BfnWXNgRn7A679lek8MfTV7r3GNDH7o3fpcbxZMjuJjoan2mkQF0q9XKtiUpQJoMXFZgKlN6M3zfkCNPxkgc0UsUgOSk1HQraGyLyVo5bkztemPz-7bTZ1CtbEeMF8k2anm5XmNflf2EsmQU5YfEioSHJPwcg-oO1d2dUELya_g&cid=CAQSMgAvHhf_vXBHZueDjt__do0IiVI_FG6rsVHrwHJAOvLshrVo_GnL32sfcZ60MIFVvcz2GAE&exk=1450222521&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:9F7EB03574572A35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d27cdd06065a15594d1621ffe5b01dccd68cc0786ebbf056f61d2d5464dc4f9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 00:09:28 GMT
x-content-type-options
nosniff
age
122009
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15363
x-xss-protection
0
last-modified
Thu, 21 Dec 2023 06:53:49 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 01 Jan 2025 00:09:28 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 1806 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSsE5v_MN4ssrYoU6BxnKug1FVwe5W1wK4AuYrSRkiaEqTkczp6IDDXA07yxA&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBxYM0AZKPNAELlDQBEZQ0AYGVNAF0ljQBdpY0Aa2WNAHrljQBzpc0AfyXNAH_lzQBA5g0AQmYNAEkmDQBlJg0AaWYNAG0mDQBuJg0AeOYNAHnmDQB9Jg0AfaYNAEOmTQBFpk0ARyZNAErmTQBSZk0AUqZNAFMmTQBTpk0AVGZNAFTmTQBYZk0AWiZNAF6mTQBg5k0AYaZNAFLc0EBU3NBAakgXAJX-4gCwP6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgIm-6oCQvuqAjwjqwKEJ6sCVCirAvorqwJUMKsC1DarAiU6qwIpOqsCLTqrApg7qwI9QasCG0arAjRIqwJsSqsCwk2rAmBOqwK4TqsC9FCrAgJRqwIKUasCk1WrAuxXqwIgXKsCGnGrAu9xqwKwcqsCfnOrAst0qwIXd6sCHHerAiF3qwIld6sCKnerArN4qwIIeasCUoCrAoaAqwKRgasCm4GrAsqCqwKGg6sCYoSrAiqGqwJzh6sC7YmrAp6KqwIDi6sCtYurAhSMqwK3jKsCl4-rAgOQqwIDkasCHJarAuaYqwLnm6sCqqOrAnykqwJQpasCcaWrAt6oqwKDq6sC26urAkOsqwJlrKsCgKyrAvasqwJCrqsCe66rAt-uqwI7r6sCFLGrAmKyqwIgs6sCeLOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwL4tasCA7arAje2qwLrtqsCZLerAoy3qwK0t6sCMbirAiG5qwL5uasCfbqrArG6qwIau6sC1burAjS8qwJJvKsCT7yrAhe9qwJ6vasCle0FAz9e9wSieK4FDnquBZV7rgWte64FB3yuBe18rgUTfa4FnLTFBTUDUwjwQtwJwtihDtO5-xIhxfsSWcr7EpjN-xJ75PsS4BL8Ej4V_BJrFfwSeRj8Et0a_BLsHfwS9R78Evoe_BJbn-oUYKLqFNTwWSg&awbid_c=AKAmf-A2I87P48SzhbkEICe3tDR2D1Rt84RALJtwl8WTXm1LJ7VeH2KX9QLX43fAIydQQCUpK34UnAWsnO5fMWTviZdCruFsd1zejxGeDHJmYqSwUQj0mmPbTBIxJb_YQfXapnGHdbbPEG-FrISYQoWT_Ny0pYQ7TOW4C9rKfuApoy2NOwLDB_qMOBczU2n8asKEhHI_Ws35iFmPgM0Gdim11KLesR9BTWmhzT2BIkSbwHZQGufD_s8SrxPi_gfkv95myiYu7bT1x32hlxb70Cu2x09MMaoJ_IVKIX8HaMC1tnF1ZIs7iUBA-qcPKg4bwLCfVM9l_Yp_2EUVVn44AHKAxW9cZV8E0J28V1ML2mDPJp-PtNG8eLoiEaqUgB_em4YTFrogDTBa5398VLXY3Vzs0TyO4_BKvLV6X2qhXzPV-NfME01hiChgNMt6U7bdnYt00cjuGqfinVwztal-kAxnH3VmTOkeHG3FFzXwp9Se20CxOiWV6oWlCHOblcxCwC71c4v5_5xnWbOtT9VRJYvCrtcozO-DlX-CYUclD00mUo9HdTUP1Pfd5OKsP-qG8EAaIp7pNePXW6EUSpJTrLxdQznN5QTeNA&awbid_d=AKAmf-DrUFKQGeKnNK09GkS57wfEUL9GU8O4XpnqzHiZVCHKFQ0DVVX15QKdoYgmnquGoQRswIGDkdWQJlvXnUFoVmhhzndIbyiIs_LbiNcJNIjzewZ-wEB2c0g3UBylmpanNh8QMNr0LwVeOR1iH9iIBQIGms5qfLXpXWUy5fUod8qz1029JZdMlcM6C0UUJ1uCnnBGXlheRqgwHDvwhkuy50MqbVs_jrkETkDEsCQMfHeABmP-1ZmW05P3h8PXNpJnlFigRiUnrqT6Yp9_2eJ1M76IyGO3uEKfFhpZ4_u5xoAtemEL_p9fq3dM3BZiH_zmueae8MXAHC6ybHv7QYueRgI9dvukhMUxSzcK24ZG7YMiQKLnDIkEWE2YJODZh_7HAwgfBXV1Q-nUsAm8kw6-XgCjQ1vQ-shXyPCc2UrlpVn-Az0c-BpULwvlQm_1GL0Vn4DE4uGZZYxh0JJmf23QOOxKhuQQn1odoreNC5W_kwnH--gxOOZX-mFERiF_Glkjno4V1xlpAJbJJeP7kWUATb7HS3p0Nm-bqDTKZQwiAKyHd3kyziWUpPDeHwBUb3atDIrHiMQJplmW6wgbdyDx0u06lp0fNGBTiV9-Jmg1jj5D2xYL9Uli_k0hQCP8DBCsRgVlUx-bfEXLHVW_lUnXqM5CUASMP3XtPK3hqOjNDM7yO9jdaMYKPtE5nWDhnvhej1ipKwb-WnggRRAV56JUHDPHKymzmWFe6mQGP1VB9dK3iqSorlQLukFHTBESSMZ3io1VqQnK7UEYqCo6fso9XGwCg0toffkqPkhgcHNZp6dnXhPXVYQcd4pRpg9aGhbbC7rtv7JoRL6m42cD3SqbxHd4Goh8Fj5fy3oxdkkhcQzJ2tVYns725SxvhW28YeGrXVhq17Ob2DWpyv9_G1yIsuBgpZbOU3xwQslomUBFuabSZJnT3d1KGplyl36Gfdz_1fEOpKQCsulYK6ytZ6ier2uryvJ9bmGQu0cYNZoFMFb-gszj0k2BfnWXNgRn7A679lek8MfTV7r3GNDH7o3fpcbxZMjuJjoan2mkQF0q9XKtiUpQJoMXFZgKlN6M3zfkCNPxkgc0UsUgOSk1HQraGyLyVo5bkztemPz-7bTZ1CtbEeMF8k2anm5XmNflf2EsmQU5YfEioSHJPwcg-oO1d2dUELya_g&cid=CAQSMgAvHhf_vXBHZueDjt__do0IiVI_FG6rsVHrwHJAOvLshrVo_GnL32sfcZ60MIFVvcz2GAE&exk=1450222521&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:9F7EB03574572A35
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4c52d6a0df9e992bbf6310f9d9ff6eaa91f3df36d5d2350867e0702e325ecec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 18:55:00 GMT
x-content-type-options
nosniff
age
227277
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25325
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 09:48:07 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 30 Dec 2024 18:55:00 GMT
3995853839924061625
tpc.googlesyndication.com/simgad/ Frame 1806
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCat6zDHxCwCRiwCTIIZ7MB4_P2Swc
  • https://tpc.googlesyndication.com/simgad/3995853839924061625
77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3995853839924061625
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBxYM0AZKPNAELlDQBEZQ0AYGVNAF0ljQBdpY0Aa2WNAHrljQBzpc0AfyXNAH_lzQBA5g0AQmYNAEkmDQBlJg0AaWYNAG0mDQBuJg0AeOYNAHnmDQB9Jg0AfaYNAEOmTQBFpk0ARyZNAErmTQBSZk0AUqZNAFMmTQBTpk0AVGZNAFTmTQBYZk0AWiZNAF6mTQBg5k0AYaZNAFLc0EBU3NBAakgXAJX-4gCwP6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgIm-6oCQvuqAjwjqwKEJ6sCVCirAvorqwJUMKsC1DarAiU6qwIpOqsCLTqrApg7qwI9QasCG0arAjRIqwJsSqsCwk2rAmBOqwK4TqsC9FCrAgJRqwIKUasCk1WrAuxXqwIgXKsCGnGrAu9xqwKwcqsCfnOrAst0qwIXd6sCHHerAiF3qwIld6sCKnerArN4qwIIeasCUoCrAoaAqwKRgasCm4GrAsqCqwKGg6sCYoSrAiqGqwJzh6sC7YmrAp6KqwIDi6sCtYurAhSMqwK3jKsCl4-rAgOQqwIDkasCHJarAuaYqwLnm6sCqqOrAnykqwJQpasCcaWrAt6oqwKDq6sC26urAkOsqwJlrKsCgKyrAvasqwJCrqsCe66rAt-uqwI7r6sCFLGrAmKyqwIgs6sCeLOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwL4tasCA7arAje2qwLrtqsCZLerAoy3qwK0t6sCMbirAiG5qwL5uasCfbqrArG6qwIau6sC1burAjS8qwJJvKsCT7yrAhe9qwJ6vasCle0FAz9e9wSieK4FDnquBZV7rgWte64FB3yuBe18rgUTfa4FnLTFBTUDUwjwQtwJwtihDtO5-xIhxfsSWcr7EpjN-xJ75PsS4BL8Ej4V_BJrFfwSeRj8Et0a_BLsHfwS9R78Evoe_BJbn-oUYKLqFNTwWSg&awbid_c=AKAmf-A2I87P48SzhbkEICe3tDR2D1Rt84RALJtwl8WTXm1LJ7VeH2KX9QLX43fAIydQQCUpK34UnAWsnO5fMWTviZdCruFsd1zejxGeDHJmYqSwUQj0mmPbTBIxJb_YQfXapnGHdbbPEG-FrISYQoWT_Ny0pYQ7TOW4C9rKfuApoy2NOwLDB_qMOBczU2n8asKEhHI_Ws35iFmPgM0Gdim11KLesR9BTWmhzT2BIkSbwHZQGufD_s8SrxPi_gfkv95myiYu7bT1x32hlxb70Cu2x09MMaoJ_IVKIX8HaMC1tnF1ZIs7iUBA-qcPKg4bwLCfVM9l_Yp_2EUVVn44AHKAxW9cZV8E0J28V1ML2mDPJp-PtNG8eLoiEaqUgB_em4YTFrogDTBa5398VLXY3Vzs0TyO4_BKvLV6X2qhXzPV-NfME01hiChgNMt6U7bdnYt00cjuGqfinVwztal-kAxnH3VmTOkeHG3FFzXwp9Se20CxOiWV6oWlCHOblcxCwC71c4v5_5xnWbOtT9VRJYvCrtcozO-DlX-CYUclD00mUo9HdTUP1Pfd5OKsP-qG8EAaIp7pNePXW6EUSpJTrLxdQznN5QTeNA&awbid_d=AKAmf-DrUFKQGeKnNK09GkS57wfEUL9GU8O4XpnqzHiZVCHKFQ0DVVX15QKdoYgmnquGoQRswIGDkdWQJlvXnUFoVmhhzndIbyiIs_LbiNcJNIjzewZ-wEB2c0g3UBylmpanNh8QMNr0LwVeOR1iH9iIBQIGms5qfLXpXWUy5fUod8qz1029JZdMlcM6C0UUJ1uCnnBGXlheRqgwHDvwhkuy50MqbVs_jrkETkDEsCQMfHeABmP-1ZmW05P3h8PXNpJnlFigRiUnrqT6Yp9_2eJ1M76IyGO3uEKfFhpZ4_u5xoAtemEL_p9fq3dM3BZiH_zmueae8MXAHC6ybHv7QYueRgI9dvukhMUxSzcK24ZG7YMiQKLnDIkEWE2YJODZh_7HAwgfBXV1Q-nUsAm8kw6-XgCjQ1vQ-shXyPCc2UrlpVn-Az0c-BpULwvlQm_1GL0Vn4DE4uGZZYxh0JJmf23QOOxKhuQQn1odoreNC5W_kwnH--gxOOZX-mFERiF_Glkjno4V1xlpAJbJJeP7kWUATb7HS3p0Nm-bqDTKZQwiAKyHd3kyziWUpPDeHwBUb3atDIrHiMQJplmW6wgbdyDx0u06lp0fNGBTiV9-Jmg1jj5D2xYL9Uli_k0hQCP8DBCsRgVlUx-bfEXLHVW_lUnXqM5CUASMP3XtPK3hqOjNDM7yO9jdaMYKPtE5nWDhnvhej1ipKwb-WnggRRAV56JUHDPHKymzmWFe6mQGP1VB9dK3iqSorlQLukFHTBESSMZ3io1VqQnK7UEYqCo6fso9XGwCg0toffkqPkhgcHNZp6dnXhPXVYQcd4pRpg9aGhbbC7rtv7JoRL6m42cD3SqbxHd4Goh8Fj5fy3oxdkkhcQzJ2tVYns725SxvhW28YeGrXVhq17Ob2DWpyv9_G1yIsuBgpZbOU3xwQslomUBFuabSZJnT3d1KGplyl36Gfdz_1fEOpKQCsulYK6ytZ6ier2uryvJ9bmGQu0cYNZoFMFb-gszj0k2BfnWXNgRn7A679lek8MfTV7r3GNDH7o3fpcbxZMjuJjoan2mkQF0q9XKtiUpQJoMXFZgKlN6M3zfkCNPxkgc0UsUgOSk1HQraGyLyVo5bkztemPz-7bTZ1CtbEeMF8k2anm5XmNflf2EsmQU5YfEioSHJPwcg-oO1d2dUELya_g&cid=CAQSMgAvHhf_vXBHZueDjt__do0IiVI_FG6rsVHrwHJAOvLshrVo_GnL32sfcZ60MIFVvcz2GAE&exk=1450222521&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:9F7EB03574572A35
Protocol
H3
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 06:51:35 GMT
date
Tue, 02 Jan 2024 06:51:35 GMT
x-content-type-options
nosniff
age
97882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79088
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 17:15:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true

Redirect headers

date
Tue, 02 Jan 2024 16:08:52 GMT
x-content-type-options
nosniff
server
cafe
age
64445
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3995853839924061625
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 01 Feb 2024 16:08:52 GMT
khaos.json
token.rubiconproject.com/ Frame 8FAD 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
Expires
0
truncated
/ Frame 1806 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26b8467b8a9815be53ea97cc234320137550289fbc8cdab9a1960bb21f728e25

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
horizon-common-hit.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 		45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
6fc8c519813ae69ffb5c95d87821ffbc940db1a1a2070bdbfed21d0e53fc4991

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
gzip
x-openstack-request-id
tx22bb9f775b1b4b92901ac-0065953060
last-modified
Tue, 27 Jun 2023 00:08:13 GMT
x-thanos
0AB54009
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1687824492.72874
cache-control
public, max-age=180
x-trans-id
tx22bb9f775b1b4b92901ac-0065953060
x-request-id
b1fdc817-4e31-42ce-90f1-338734442ae8
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=376958401&t=pageview&ni=1&_s=4&dl=https%3A%2F%2Fgq.globo.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=GQ%20%7C%20Seu%20Guia%20de%20Moda%20Masculina%2C%20Cultura%20e%20Lifestyle&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEABAAQCAGAEK~&jid=&gjid=&cid=320781341.1704276175&tid=UA-21942769-1&_gid=1190835761.1704276177&gtm=45He3bt0n81WP5C9ZVv893114496&cd2=home%20-%20P%C3%A1gina&cd6=&cd7=&cd8=&cd9=&cd10=&cd11=&cd12=GQBS&cd13=&cd14=&cd15=&cd16=&cd17=&cd18=&cd19=desktop&cd22=%2F&cd49=&cd53=01&cd55=01&cd56=%20%3A%201&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd5=320781341.1704276175&cd60=N%C3%A3o&z=1046889714
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 18:41:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
55272
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
usage
api.permutive.com/v2.0/tpd/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/tpd/usage?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
access-control-allow-origin
https://gq.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
seg
secure.adnxs.com/ 		0
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=32033770&t=1
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:02:57 GMT
an-x-request-uuid
f4fc08a0-958e-412f-9525-8338e4b5a6e6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
146.70.117.76; 146.70.117.76; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
segment
api.permutive.com/adv/v2/ 		37 B
51 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b30e332b569a4d1d3e934db078b1548179ceb8de1c861f521f7c9f8c46433501

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 03 Jan 2024 10:02:57 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
content-type
application/json
8314438e-1240-4037-ade5-bfeaed299a90.css
cdn.taboola.com/static/83/ 		451 B
614 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/static/83/8314438e-1240-4037-ade5-bfeaed299a90.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
CkT0watBV7AEsiEughRkYLexggZw11Ym
content-encoding
gzip
via
1.1 varnish
date
Wed, 03 Jan 2024 10:02:57 GMT
x-amz-request-id
P1ZMBB0T9Y9YWV7J
age
10124
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
222
x-amz-id-2
uPAIFagt0s+APQt0blFznIDw9jNKchjHshOYqNEiAqN1dxhSV+WYV5CdkFTYPuPKAc5H1oQkNFc=
x-served-by
cache-fra-eddf8230136-FRA
last-modified
Tue, 07 Jul 2020 17:40:49 GMT
server
AmazonS3
x-timer
S1704276178.657269,VS0,VE0
etag
"1802e318f880ad7e5c7030e9da649cf6"
vary
Accept-Encoding
content-type
text/css
abp
77
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
15
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/4.7.5/ 		120 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240102-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60f52d034d5da2c2451a148186beb02c2f464cfd53c5e8bf09c804d3ff1c6ce2

Request headers

Referer
https://gq.globo.com/
Origin
https://gq.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
via
1.1 765a91ad9951d0108fc1de53e348bac4.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P5
age
259264
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
33988
x-served-by
cache-fra-eddf8230124-FRA
last-modified
Sun, 31 Dec 2023 10:01:09 GMT
server
AmazonS3
x-timer
S1704276178.667510,VS0,VE0
etag
"29fffae19b471dcd8c1242f0f49f3381"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
41lGyppiUOUk40b-8KcrnatpiceCPnnHbJ07k0o9CCYeEp6X7o-YfA==
x-cache-hits
1303
userx.20240102-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20240102-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7759d6bdc3a7ab3ae2a3c19c724c3da402c3a2915151420b829776115e08c018

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
5dqQgJaEp1QaOMOW2njauyrc0.cQq0Ql
content-encoding
gzip
via
1.1 varnish
date
Wed, 03 Jan 2024 10:02:57 GMT
x-amz-request-id
9WEHMYFWMZV8N26E
age
409
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5397
x-amz-id-2
W+CHbt888nZ7lFPNWwmczLYcfQDAJ5lEHTgmKmggGHYZvTraKAsuZpJo9s/+rZ/aCb2Nof014Yc=
x-served-by
cache-fra-eddf8230136-FRA
last-modified
Wed, 03 Jan 2024 09:56:09 GMT
server
AmazonS3
x-timer
S1704276178.667045,VS0,VE0
etag
"fa5d6d66f3fdacf6d1f4ea9f77ffe503"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
45
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
316
distance-from-article.20240102-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20240102-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ac93fe8beb861cf87d45219d1846a359382bbb1605173dba9fa3c3f4f8dfe50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
fqMqZYuK6wAoBi2BsUA7sbBJ2ry69Z3o
content-encoding
gzip
via
1.1 varnish
date
Wed, 03 Jan 2024 10:02:57 GMT
x-amz-request-id
2GTKZVKNDX1XWRDF
age
442
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
WsvzrjXqE9UfHvIjYEqPcyShek007aVjtQQYk+Vm1d6dLGLgkbvf35UxX+MB7VKKPV8M3ZcxJjQ=
x-served-by
cache-fra-eddf8230136-FRA
last-modified
Wed, 03 Jan 2024 09:55:36 GMT
server
AmazonS3
x-timer
S1704276178.667724,VS0,VE0
etag
"dd324371bc557f50cdf02f127ee25f20"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
98
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1170
article-detection.20240102-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20240102-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
beade67a5ba184743b37e74ec960a1ce88b5f8e775b7b1032a29e55a89689c4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
1VgdSrKI5WLah7Tby04cTWYPwBQJJXn1
content-encoding
gzip
via
1.1 varnish
date
Wed, 03 Jan 2024 10:02:57 GMT
x-amz-request-id
E2R1AHFP4K0QDKR9
age
448
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
Io9skvFTDTXDHViGWybyeEZJJOdb8LqFHYv9ekEr1qfmW3/E7+qkRus/WmPqwkhZhGW1LSF9DSU=
x-served-by
cache-fra-eddf8230136-FRA
last-modified
Wed, 03 Jan 2024 09:55:29 GMT
server
AmazonS3
x-timer
S1704276178.667727,VS0,VE0
etag
"929eb215cbdd162858fa24783c698cfd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
7
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1196
abtests
am-trc-events.taboola.com/editoraglobo-gq/log/3/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/editoraglobo-gq/log/3/abtests?route=AM:AM:V&tvi48=11657&tvi50=14761&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1704276177665%7D&tim=11%3A02%3A57.665&id=6613&llvl=2&ri=cd873f6529ecfbaca8c20a7b7dcf26c7&sd=v2_66c1d9609ef3487f4843b597d5892b2c_3bf40a0b-b32a-4803-82b9-b1c2acb18847-tuctc8eb651_1704276177_1704276177_CIi3jgYQm_9JGOnjmvbMMSABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=3bf40a0b-b32a-4803-82b9-b1c2acb18847-tuctc8eb651&pi=/&wi=1560000493340960651&pt=home&vi=1704276177385&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240102-5-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
https://gq.globo.com
pragma
no-cache
date
Wed, 03 Jan 2024 10:02:57 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/editoraglobo-gq/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/editoraglobo-gq/log/3/abtests?route=AM:AM:V&tvi48=11657&tvi50=14761&lti=deflated&ri=cd873f6529ecfbaca8c20a7b7dcf26c7&sd=v2_66c1d9609ef3487f4843b597d5892b2c_3bf40a0b-b32a-4803-82b9-b1c2acb18847-tuctc8eb651_1704276177_1704276177_CIi3jgYQm_9JGOnjmvbMMSABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=3bf40a0b-b32a-4803-82b9-b1c2acb18847-tuctc8eb651&pi=/&wi=1560000493340960651&pt=home&vi=1704276177385&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1704276177658%7D&tim=11%3A02%3A57.658&id=3957&llvl=2&cv=20240102-5-RELEASE&
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 03 Jan 2024 10:02:57 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212070359612618173395%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2201-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222235028417732321969%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 03 Jan 2024 10:02:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 7C00 		4 KB
632 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBko80AQuUNAERlDQBgZU0AXSWNAF2ljQBrZY0AeuWNAHOlzQB_Jc0Af-XNAEDmDQBCZg0ASSYNAGUmDQBpZg0AbSYNAG4mDQB45g0AeeYNAH0mDQB9pg0AQ6ZNAEWmTQBHJk0ASuZNAFJmTQBSpk0AUyZNAFOmTQBUZk0AVOZNAFhmTQBaJk0AXqZNAGDmTQBhpk0AUtzQQFTc0EBWjzaAakgXALf_ogC4_6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgJC-6oCPCOrAoQnqwJUKKsC-iurAlQwqwLUNqsCJTqrAik6qwItOqsCmDurAj1BqwIbRqsCNEirAmxKqwJgTqsCuE6rAvRQqwICUasCClGrApNVqwLsV6sCIFyrAhpxqwLvcasCsHKrAn5zqwLLdKsCF3erAhx3qwIhd6sCJXerAip3qwIIeasCUoCrAoaAqwKbgasCyoKrAoaDqwJihKsCKoarAnKHqwLtiasCnoqrAgOLqwK1i6sCFIyrAreMqwKYj6sCA5CrAgORqwIclqsC5pirAqmaqwLom6sCYZ-rAqqjqwJ8pKsCUKWrAnGlqwLeqKsCg6urAturqwJDrKsCZayrAvasqwJCrqsCe66rAjuvqwIUsasCYrKrAiCzqwJ4s6sCsbOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwIDtqsCN7arAuu2qwJkt6sCorerArS3qwIxuKsCIbmrAvm5qwJ9uqsCsbqrAhq7qwLVu6sCNLyrAkm8qwJPvKsCF72rAnq9qwI0vqsCle0FAzNe9wRAXvcEoniuBaR5rgUOeq4FmXuuBa17rgUHfK4FnLTFBTUDUwjC2KEO07n7EiHF-xJZyvsSmM37Envk-xLgEvwSPhX8EmsV_BJ5GPwS3Rr8Euwd_BL6HvwSGx_8Eluf6hRgouoU1PBZKA&awbid_c=AKAmf-DkeRddG6bRZ1p0Y9pKdF5n8PMlUB5OOR4rTcbrXzbGciUsIuhlbRTSs19vzDYlyyKauhjd3_W3S5_0jR4nJvh0FC7kRSKjLsXhAYuucq8J8BfXaYc0PjqN4LfDQ3JFSJiq_Dkjk3MFDQ9cuvaHV39fASUdQQTo-grxFU2pKZD4FxKUn7JLS2jclBMj9kYDOe-D0d-0jsAdmnmQbRulPvuD_IbvDzTK_g_Qcmjq_2Ck5Lor4FEzpSo9b_YlH1TN-moR2tr6cfOz-Pf564WR5zC0FVtOnbgq1WTPqyU0bkNSCD1HKOFRY4VdJXkn8bvx7fUM4r-AJsuMM6SNn8_RyMnIrbtWxVCpfgbYJgNnUnRNa1UD9y74BdbMbOjsw9qDBh3wjATIBIOTA7K7nWpqmkmMDov1fdISYxhYTjb5ZOOnf6r3q6w4jdPYsATEh9wr5LkKVBEQTqc0GSDyG-UM6GoxQ2NgebHFz63kdqWc76dvhryBQOrI6wt_uSixDgYzZ7ITwcp5yV4kpdOmFnlFWaxmB1OSSlwWfsO6UE7nvHMsmUV8RCpx-cKAuab-s1dvMTTa08Gj6wnvZzghGbn2BWyALESVRw&awbid_d=AKAmf-CJBPhC7KCgLAM7PS8vgntU2a3f-iC8IvxZaFfJ-3G8eZ_y1sFAeKByJinwH1aSITsVnUxpXLdfU5e_9F92APA_Ztpo2JGQO3oTso5c6ftDffE9XiJFv4c8G7h9w-wrXWJLxzdklyZogZmhQuAmbBZNXw_oLiYZZFqMHoI6LXQY0t4t6MvFqerRmiFyhQkGLyM1PykCZvKcrUOFhZUk19GK0_qnrrXCOLb_zw1tbAq5WED9Vix-aZRXfblSsSjzEo2kMkhGBOJhJFrqVTpo7vQgpfEumpQDKgl7gjPdZe8jwmeg2iuLmA3dRYfVK2-jgqCJ-lioBCzhCRrDWY3_feU65bWZn61L3bnkqXKVq1EMIQwa5IsnWAEr5iR3dsHRG_JpNL0tMoauWKf4nl7fZVb8ShVaDHwaA1CoNbfbuiauY5lyf-C3epJ56_rfsbt3WbQg9bN_K_5FvISoBWMMUdyAL4ATTbRJ8Zewdn1RaOKIjxedWTaNV4PDLR2N9XuzQXU428TFor2Inra5C3kiIs8FtkN4jFQe8ryE-F9viWiAoO7Z6gWFAaFTCVvgwKw8zMUOquVGYLMkq7WVemxNJePiAv_XIHF6L6-YBIcotafTslzLM0e-A4jBVAA4M5EajXs0Mkfo1T2bwSZSX6QC5XHNhpB-rTjI35dCaT13rQjhyWxjltPXXsKqaoSyV_ecOSYn-ZODIsG7JnZcxhVbec5em39CoKwWGiVOJcpHiY7eRWUdCsxJ0bL4OuCaOCZTXBNs7WzWvYjfP6hHZO7MR8ogu036mkt0pc2LrWFHX3nP_R0m12TfPmA7iwp7qOPJtzUvH-6Q6q_wbNrme-LVxM7so06r7H0y4aTlvXQAd4l4Rz_Nn7njsGDu43KCsA0RQLkzgOHsmBxMRX2iloHzJkZ3gekmUmg3RAVyJ0ngb6IfRzCv1VBL_ozh2QV7AYcAAow3GTdUYG5QbVUvbeSsxqUkZyedmsm5GWYhP32e4UXs7u9J7FksE9UhZBpyIEhUH1eFA9ifSdphyLuEeyMHs26qc10TWR-z-x3GZlb31jWJNO0FFhlgQssYm9b6_yAklS1LkPzsf2QCcAyMq83fWgn_tMpAFC6D-hs51LVrPj2LIIXVO_QZTTK0ITDeHa2lSpvT1tpVwT7xo4ES7BjBiplYvrqk4w&cid=CAQSMgAvHhf_nE9bhQsAlALxtBwtTHKDzYu3FM5mkW31zcVMTi1r7qUrSVQs0AAwcxXMREeCGAE&exk=845569349&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:B1629E3FBCFC0899
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 08:25:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Jan 2024 10:02:57 GMT
load_preloaded_resource.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7C00 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBko80AQuUNAERlDQBgZU0AXSWNAF2ljQBrZY0AeuWNAHOlzQB_Jc0Af-XNAEDmDQBCZg0ASSYNAGUmDQBpZg0AbSYNAG4mDQB45g0AeeYNAH0mDQB9pg0AQ6ZNAEWmTQBHJk0ASuZNAFJmTQBSpk0AUyZNAFOmTQBUZk0AVOZNAFhmTQBaJk0AXqZNAGDmTQBhpk0AUtzQQFTc0EBWjzaAakgXALf_ogC4_6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgJC-6oCPCOrAoQnqwJUKKsC-iurAlQwqwLUNqsCJTqrAik6qwItOqsCmDurAj1BqwIbRqsCNEirAmxKqwJgTqsCuE6rAvRQqwICUasCClGrApNVqwLsV6sCIFyrAhpxqwLvcasCsHKrAn5zqwLLdKsCF3erAhx3qwIhd6sCJXerAip3qwIIeasCUoCrAoaAqwKbgasCyoKrAoaDqwJihKsCKoarAnKHqwLtiasCnoqrAgOLqwK1i6sCFIyrAreMqwKYj6sCA5CrAgORqwIclqsC5pirAqmaqwLom6sCYZ-rAqqjqwJ8pKsCUKWrAnGlqwLeqKsCg6urAturqwJDrKsCZayrAvasqwJCrqsCe66rAjuvqwIUsasCYrKrAiCzqwJ4s6sCsbOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwIDtqsCN7arAuu2qwJkt6sCorerArS3qwIxuKsCIbmrAvm5qwJ9uqsCsbqrAhq7qwLVu6sCNLyrAkm8qwJPvKsCF72rAnq9qwI0vqsCle0FAzNe9wRAXvcEoniuBaR5rgUOeq4FmXuuBa17rgUHfK4FnLTFBTUDUwjC2KEO07n7EiHF-xJZyvsSmM37Envk-xLgEvwSPhX8EmsV_BJ5GPwS3Rr8Euwd_BL6HvwSGx_8Eluf6hRgouoU1PBZKA&awbid_c=AKAmf-DkeRddG6bRZ1p0Y9pKdF5n8PMlUB5OOR4rTcbrXzbGciUsIuhlbRTSs19vzDYlyyKauhjd3_W3S5_0jR4nJvh0FC7kRSKjLsXhAYuucq8J8BfXaYc0PjqN4LfDQ3JFSJiq_Dkjk3MFDQ9cuvaHV39fASUdQQTo-grxFU2pKZD4FxKUn7JLS2jclBMj9kYDOe-D0d-0jsAdmnmQbRulPvuD_IbvDzTK_g_Qcmjq_2Ck5Lor4FEzpSo9b_YlH1TN-moR2tr6cfOz-Pf564WR5zC0FVtOnbgq1WTPqyU0bkNSCD1HKOFRY4VdJXkn8bvx7fUM4r-AJsuMM6SNn8_RyMnIrbtWxVCpfgbYJgNnUnRNa1UD9y74BdbMbOjsw9qDBh3wjATIBIOTA7K7nWpqmkmMDov1fdISYxhYTjb5ZOOnf6r3q6w4jdPYsATEh9wr5LkKVBEQTqc0GSDyG-UM6GoxQ2NgebHFz63kdqWc76dvhryBQOrI6wt_uSixDgYzZ7ITwcp5yV4kpdOmFnlFWaxmB1OSSlwWfsO6UE7nvHMsmUV8RCpx-cKAuab-s1dvMTTa08Gj6wnvZzghGbn2BWyALESVRw&awbid_d=AKAmf-CJBPhC7KCgLAM7PS8vgntU2a3f-iC8IvxZaFfJ-3G8eZ_y1sFAeKByJinwH1aSITsVnUxpXLdfU5e_9F92APA_Ztpo2JGQO3oTso5c6ftDffE9XiJFv4c8G7h9w-wrXWJLxzdklyZogZmhQuAmbBZNXw_oLiYZZFqMHoI6LXQY0t4t6MvFqerRmiFyhQkGLyM1PykCZvKcrUOFhZUk19GK0_qnrrXCOLb_zw1tbAq5WED9Vix-aZRXfblSsSjzEo2kMkhGBOJhJFrqVTpo7vQgpfEumpQDKgl7gjPdZe8jwmeg2iuLmA3dRYfVK2-jgqCJ-lioBCzhCRrDWY3_feU65bWZn61L3bnkqXKVq1EMIQwa5IsnWAEr5iR3dsHRG_JpNL0tMoauWKf4nl7fZVb8ShVaDHwaA1CoNbfbuiauY5lyf-C3epJ56_rfsbt3WbQg9bN_K_5FvISoBWMMUdyAL4ATTbRJ8Zewdn1RaOKIjxedWTaNV4PDLR2N9XuzQXU428TFor2Inra5C3kiIs8FtkN4jFQe8ryE-F9viWiAoO7Z6gWFAaFTCVvgwKw8zMUOquVGYLMkq7WVemxNJePiAv_XIHF6L6-YBIcotafTslzLM0e-A4jBVAA4M5EajXs0Mkfo1T2bwSZSX6QC5XHNhpB-rTjI35dCaT13rQjhyWxjltPXXsKqaoSyV_ecOSYn-ZODIsG7JnZcxhVbec5em39CoKwWGiVOJcpHiY7eRWUdCsxJ0bL4OuCaOCZTXBNs7WzWvYjfP6hHZO7MR8ogu036mkt0pc2LrWFHX3nP_R0m12TfPmA7iwp7qOPJtzUvH-6Q6q_wbNrme-LVxM7so06r7H0y4aTlvXQAd4l4Rz_Nn7njsGDu43KCsA0RQLkzgOHsmBxMRX2iloHzJkZ3gekmUmg3RAVyJ0ngb6IfRzCv1VBL_ozh2QV7AYcAAow3GTdUYG5QbVUvbeSsxqUkZyedmsm5GWYhP32e4UXs7u9J7FksE9UhZBpyIEhUH1eFA9ifSdphyLuEeyMHs26qc10TWR-z-x3GZlb31jWJNO0FFhlgQssYm9b6_yAklS1LkPzsf2QCcAyMq83fWgn_tMpAFC6D-hs51LVrPj2LIIXVO_QZTTK0ITDeHa2lSpvT1tpVwT7xo4ES7BjBiplYvrqk4w&cid=CAQSMgAvHhf_nE9bhQsAlALxtBwtTHKDzYu3FM5mkW31zcVMTi1r7qUrSVQs0AAwcxXMREeCGAE&exk=845569349&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:B1629E3FBCFC0899
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cdbe9b84c30a00229826b0b1e354c94d36dd6bf16e6580bbef43877689c8f5bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 09:01:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
3693
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1182
x-xss-protection
0
server
cafe
etag
16216481440669322801
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 09:01:24 GMT
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 7C00 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBko80AQuUNAERlDQBgZU0AXSWNAF2ljQBrZY0AeuWNAHOlzQB_Jc0Af-XNAEDmDQBCZg0ASSYNAGUmDQBpZg0AbSYNAG4mDQB45g0AeeYNAH0mDQB9pg0AQ6ZNAEWmTQBHJk0ASuZNAFJmTQBSpk0AUyZNAFOmTQBUZk0AVOZNAFhmTQBaJk0AXqZNAGDmTQBhpk0AUtzQQFTc0EBWjzaAakgXALf_ogC4_6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgJC-6oCPCOrAoQnqwJUKKsC-iurAlQwqwLUNqsCJTqrAik6qwItOqsCmDurAj1BqwIbRqsCNEirAmxKqwJgTqsCuE6rAvRQqwICUasCClGrApNVqwLsV6sCIFyrAhpxqwLvcasCsHKrAn5zqwLLdKsCF3erAhx3qwIhd6sCJXerAip3qwIIeasCUoCrAoaAqwKbgasCyoKrAoaDqwJihKsCKoarAnKHqwLtiasCnoqrAgOLqwK1i6sCFIyrAreMqwKYj6sCA5CrAgORqwIclqsC5pirAqmaqwLom6sCYZ-rAqqjqwJ8pKsCUKWrAnGlqwLeqKsCg6urAturqwJDrKsCZayrAvasqwJCrqsCe66rAjuvqwIUsasCYrKrAiCzqwJ4s6sCsbOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwIDtqsCN7arAuu2qwJkt6sCorerArS3qwIxuKsCIbmrAvm5qwJ9uqsCsbqrAhq7qwLVu6sCNLyrAkm8qwJPvKsCF72rAnq9qwI0vqsCle0FAzNe9wRAXvcEoniuBaR5rgUOeq4FmXuuBa17rgUHfK4FnLTFBTUDUwjC2KEO07n7EiHF-xJZyvsSmM37Envk-xLgEvwSPhX8EmsV_BJ5GPwS3Rr8Euwd_BL6HvwSGx_8Eluf6hRgouoU1PBZKA&awbid_c=AKAmf-DkeRddG6bRZ1p0Y9pKdF5n8PMlUB5OOR4rTcbrXzbGciUsIuhlbRTSs19vzDYlyyKauhjd3_W3S5_0jR4nJvh0FC7kRSKjLsXhAYuucq8J8BfXaYc0PjqN4LfDQ3JFSJiq_Dkjk3MFDQ9cuvaHV39fASUdQQTo-grxFU2pKZD4FxKUn7JLS2jclBMj9kYDOe-D0d-0jsAdmnmQbRulPvuD_IbvDzTK_g_Qcmjq_2Ck5Lor4FEzpSo9b_YlH1TN-moR2tr6cfOz-Pf564WR5zC0FVtOnbgq1WTPqyU0bkNSCD1HKOFRY4VdJXkn8bvx7fUM4r-AJsuMM6SNn8_RyMnIrbtWxVCpfgbYJgNnUnRNa1UD9y74BdbMbOjsw9qDBh3wjATIBIOTA7K7nWpqmkmMDov1fdISYxhYTjb5ZOOnf6r3q6w4jdPYsATEh9wr5LkKVBEQTqc0GSDyG-UM6GoxQ2NgebHFz63kdqWc76dvhryBQOrI6wt_uSixDgYzZ7ITwcp5yV4kpdOmFnlFWaxmB1OSSlwWfsO6UE7nvHMsmUV8RCpx-cKAuab-s1dvMTTa08Gj6wnvZzghGbn2BWyALESVRw&awbid_d=AKAmf-CJBPhC7KCgLAM7PS8vgntU2a3f-iC8IvxZaFfJ-3G8eZ_y1sFAeKByJinwH1aSITsVnUxpXLdfU5e_9F92APA_Ztpo2JGQO3oTso5c6ftDffE9XiJFv4c8G7h9w-wrXWJLxzdklyZogZmhQuAmbBZNXw_oLiYZZFqMHoI6LXQY0t4t6MvFqerRmiFyhQkGLyM1PykCZvKcrUOFhZUk19GK0_qnrrXCOLb_zw1tbAq5WED9Vix-aZRXfblSsSjzEo2kMkhGBOJhJFrqVTpo7vQgpfEumpQDKgl7gjPdZe8jwmeg2iuLmA3dRYfVK2-jgqCJ-lioBCzhCRrDWY3_feU65bWZn61L3bnkqXKVq1EMIQwa5IsnWAEr5iR3dsHRG_JpNL0tMoauWKf4nl7fZVb8ShVaDHwaA1CoNbfbuiauY5lyf-C3epJ56_rfsbt3WbQg9bN_K_5FvISoBWMMUdyAL4ATTbRJ8Zewdn1RaOKIjxedWTaNV4PDLR2N9XuzQXU428TFor2Inra5C3kiIs8FtkN4jFQe8ryE-F9viWiAoO7Z6gWFAaFTCVvgwKw8zMUOquVGYLMkq7WVemxNJePiAv_XIHF6L6-YBIcotafTslzLM0e-A4jBVAA4M5EajXs0Mkfo1T2bwSZSX6QC5XHNhpB-rTjI35dCaT13rQjhyWxjltPXXsKqaoSyV_ecOSYn-ZODIsG7JnZcxhVbec5em39CoKwWGiVOJcpHiY7eRWUdCsxJ0bL4OuCaOCZTXBNs7WzWvYjfP6hHZO7MR8ogu036mkt0pc2LrWFHX3nP_R0m12TfPmA7iwp7qOPJtzUvH-6Q6q_wbNrme-LVxM7so06r7H0y4aTlvXQAd4l4Rz_Nn7njsGDu43KCsA0RQLkzgOHsmBxMRX2iloHzJkZ3gekmUmg3RAVyJ0ngb6IfRzCv1VBL_ozh2QV7AYcAAow3GTdUYG5QbVUvbeSsxqUkZyedmsm5GWYhP32e4UXs7u9J7FksE9UhZBpyIEhUH1eFA9ifSdphyLuEeyMHs26qc10TWR-z-x3GZlb31jWJNO0FFhlgQssYm9b6_yAklS1LkPzsf2QCcAyMq83fWgn_tMpAFC6D-hs51LVrPj2LIIXVO_QZTTK0ITDeHa2lSpvT1tpVwT7xo4ES7BjBiplYvrqk4w&cid=CAQSMgAvHhf_nE9bhQsAlALxtBwtTHKDzYu3FM5mkW31zcVMTi1r7qUrSVQs0AAwcxXMREeCGAE&exk=845569349&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:B1629E3FBCFC0899
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 23:20:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
38570
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
server
cafe
etag
16225921609732785849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Jan 2024 23:20:07 GMT
window_focus.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7C00 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBko80AQuUNAERlDQBgZU0AXSWNAF2ljQBrZY0AeuWNAHOlzQB_Jc0Af-XNAEDmDQBCZg0ASSYNAGUmDQBpZg0AbSYNAG4mDQB45g0AeeYNAH0mDQB9pg0AQ6ZNAEWmTQBHJk0ASuZNAFJmTQBSpk0AUyZNAFOmTQBUZk0AVOZNAFhmTQBaJk0AXqZNAGDmTQBhpk0AUtzQQFTc0EBWjzaAakgXALf_ogC4_6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgJC-6oCPCOrAoQnqwJUKKsC-iurAlQwqwLUNqsCJTqrAik6qwItOqsCmDurAj1BqwIbRqsCNEirAmxKqwJgTqsCuE6rAvRQqwICUasCClGrApNVqwLsV6sCIFyrAhpxqwLvcasCsHKrAn5zqwLLdKsCF3erAhx3qwIhd6sCJXerAip3qwIIeasCUoCrAoaAqwKbgasCyoKrAoaDqwJihKsCKoarAnKHqwLtiasCnoqrAgOLqwK1i6sCFIyrAreMqwKYj6sCA5CrAgORqwIclqsC5pirAqmaqwLom6sCYZ-rAqqjqwJ8pKsCUKWrAnGlqwLeqKsCg6urAturqwJDrKsCZayrAvasqwJCrqsCe66rAjuvqwIUsasCYrKrAiCzqwJ4s6sCsbOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwIDtqsCN7arAuu2qwJkt6sCorerArS3qwIxuKsCIbmrAvm5qwJ9uqsCsbqrAhq7qwLVu6sCNLyrAkm8qwJPvKsCF72rAnq9qwI0vqsCle0FAzNe9wRAXvcEoniuBaR5rgUOeq4FmXuuBa17rgUHfK4FnLTFBTUDUwjC2KEO07n7EiHF-xJZyvsSmM37Envk-xLgEvwSPhX8EmsV_BJ5GPwS3Rr8Euwd_BL6HvwSGx_8Eluf6hRgouoU1PBZKA&awbid_c=AKAmf-DkeRddG6bRZ1p0Y9pKdF5n8PMlUB5OOR4rTcbrXzbGciUsIuhlbRTSs19vzDYlyyKauhjd3_W3S5_0jR4nJvh0FC7kRSKjLsXhAYuucq8J8BfXaYc0PjqN4LfDQ3JFSJiq_Dkjk3MFDQ9cuvaHV39fASUdQQTo-grxFU2pKZD4FxKUn7JLS2jclBMj9kYDOe-D0d-0jsAdmnmQbRulPvuD_IbvDzTK_g_Qcmjq_2Ck5Lor4FEzpSo9b_YlH1TN-moR2tr6cfOz-Pf564WR5zC0FVtOnbgq1WTPqyU0bkNSCD1HKOFRY4VdJXkn8bvx7fUM4r-AJsuMM6SNn8_RyMnIrbtWxVCpfgbYJgNnUnRNa1UD9y74BdbMbOjsw9qDBh3wjATIBIOTA7K7nWpqmkmMDov1fdISYxhYTjb5ZOOnf6r3q6w4jdPYsATEh9wr5LkKVBEQTqc0GSDyG-UM6GoxQ2NgebHFz63kdqWc76dvhryBQOrI6wt_uSixDgYzZ7ITwcp5yV4kpdOmFnlFWaxmB1OSSlwWfsO6UE7nvHMsmUV8RCpx-cKAuab-s1dvMTTa08Gj6wnvZzghGbn2BWyALESVRw&awbid_d=AKAmf-CJBPhC7KCgLAM7PS8vgntU2a3f-iC8IvxZaFfJ-3G8eZ_y1sFAeKByJinwH1aSITsVnUxpXLdfU5e_9F92APA_Ztpo2JGQO3oTso5c6ftDffE9XiJFv4c8G7h9w-wrXWJLxzdklyZogZmhQuAmbBZNXw_oLiYZZFqMHoI6LXQY0t4t6MvFqerRmiFyhQkGLyM1PykCZvKcrUOFhZUk19GK0_qnrrXCOLb_zw1tbAq5WED9Vix-aZRXfblSsSjzEo2kMkhGBOJhJFrqVTpo7vQgpfEumpQDKgl7gjPdZe8jwmeg2iuLmA3dRYfVK2-jgqCJ-lioBCzhCRrDWY3_feU65bWZn61L3bnkqXKVq1EMIQwa5IsnWAEr5iR3dsHRG_JpNL0tMoauWKf4nl7fZVb8ShVaDHwaA1CoNbfbuiauY5lyf-C3epJ56_rfsbt3WbQg9bN_K_5FvISoBWMMUdyAL4ATTbRJ8Zewdn1RaOKIjxedWTaNV4PDLR2N9XuzQXU428TFor2Inra5C3kiIs8FtkN4jFQe8ryE-F9viWiAoO7Z6gWFAaFTCVvgwKw8zMUOquVGYLMkq7WVemxNJePiAv_XIHF6L6-YBIcotafTslzLM0e-A4jBVAA4M5EajXs0Mkfo1T2bwSZSX6QC5XHNhpB-rTjI35dCaT13rQjhyWxjltPXXsKqaoSyV_ecOSYn-ZODIsG7JnZcxhVbec5em39CoKwWGiVOJcpHiY7eRWUdCsxJ0bL4OuCaOCZTXBNs7WzWvYjfP6hHZO7MR8ogu036mkt0pc2LrWFHX3nP_R0m12TfPmA7iwp7qOPJtzUvH-6Q6q_wbNrme-LVxM7so06r7H0y4aTlvXQAd4l4Rz_Nn7njsGDu43KCsA0RQLkzgOHsmBxMRX2iloHzJkZ3gekmUmg3RAVyJ0ngb6IfRzCv1VBL_ozh2QV7AYcAAow3GTdUYG5QbVUvbeSsxqUkZyedmsm5GWYhP32e4UXs7u9J7FksE9UhZBpyIEhUH1eFA9ifSdphyLuEeyMHs26qc10TWR-z-x3GZlb31jWJNO0FFhlgQssYm9b6_yAklS1LkPzsf2QCcAyMq83fWgn_tMpAFC6D-hs51LVrPj2LIIXVO_QZTTK0ITDeHa2lSpvT1tpVwT7xo4ES7BjBiplYvrqk4w&cid=CAQSMgAvHhf_nE9bhQsAlALxtBwtTHKDzYu3FM5mkW31zcVMTi1r7qUrSVQs0AAwcxXMREeCGAE&exk=845569349&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:B1629E3FBCFC0899
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 01:55:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
29239
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1307
x-xss-protection
0
server
cafe
etag
18393213423120915576
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 01:55:38 GMT
qs_click_protection.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 7C00 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBko80AQuUNAERlDQBgZU0AXSWNAF2ljQBrZY0AeuWNAHOlzQB_Jc0Af-XNAEDmDQBCZg0ASSYNAGUmDQBpZg0AbSYNAG4mDQB45g0AeeYNAH0mDQB9pg0AQ6ZNAEWmTQBHJk0ASuZNAFJmTQBSpk0AUyZNAFOmTQBUZk0AVOZNAFhmTQBaJk0AXqZNAGDmTQBhpk0AUtzQQFTc0EBWjzaAakgXALf_ogC4_6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgJC-6oCPCOrAoQnqwJUKKsC-iurAlQwqwLUNqsCJTqrAik6qwItOqsCmDurAj1BqwIbRqsCNEirAmxKqwJgTqsCuE6rAvRQqwICUasCClGrApNVqwLsV6sCIFyrAhpxqwLvcasCsHKrAn5zqwLLdKsCF3erAhx3qwIhd6sCJXerAip3qwIIeasCUoCrAoaAqwKbgasCyoKrAoaDqwJihKsCKoarAnKHqwLtiasCnoqrAgOLqwK1i6sCFIyrAreMqwKYj6sCA5CrAgORqwIclqsC5pirAqmaqwLom6sCYZ-rAqqjqwJ8pKsCUKWrAnGlqwLeqKsCg6urAturqwJDrKsCZayrAvasqwJCrqsCe66rAjuvqwIUsasCYrKrAiCzqwJ4s6sCsbOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwIDtqsCN7arAuu2qwJkt6sCorerArS3qwIxuKsCIbmrAvm5qwJ9uqsCsbqrAhq7qwLVu6sCNLyrAkm8qwJPvKsCF72rAnq9qwI0vqsCle0FAzNe9wRAXvcEoniuBaR5rgUOeq4FmXuuBa17rgUHfK4FnLTFBTUDUwjC2KEO07n7EiHF-xJZyvsSmM37Envk-xLgEvwSPhX8EmsV_BJ5GPwS3Rr8Euwd_BL6HvwSGx_8Eluf6hRgouoU1PBZKA&awbid_c=AKAmf-DkeRddG6bRZ1p0Y9pKdF5n8PMlUB5OOR4rTcbrXzbGciUsIuhlbRTSs19vzDYlyyKauhjd3_W3S5_0jR4nJvh0FC7kRSKjLsXhAYuucq8J8BfXaYc0PjqN4LfDQ3JFSJiq_Dkjk3MFDQ9cuvaHV39fASUdQQTo-grxFU2pKZD4FxKUn7JLS2jclBMj9kYDOe-D0d-0jsAdmnmQbRulPvuD_IbvDzTK_g_Qcmjq_2Ck5Lor4FEzpSo9b_YlH1TN-moR2tr6cfOz-Pf564WR5zC0FVtOnbgq1WTPqyU0bkNSCD1HKOFRY4VdJXkn8bvx7fUM4r-AJsuMM6SNn8_RyMnIrbtWxVCpfgbYJgNnUnRNa1UD9y74BdbMbOjsw9qDBh3wjATIBIOTA7K7nWpqmkmMDov1fdISYxhYTjb5ZOOnf6r3q6w4jdPYsATEh9wr5LkKVBEQTqc0GSDyG-UM6GoxQ2NgebHFz63kdqWc76dvhryBQOrI6wt_uSixDgYzZ7ITwcp5yV4kpdOmFnlFWaxmB1OSSlwWfsO6UE7nvHMsmUV8RCpx-cKAuab-s1dvMTTa08Gj6wnvZzghGbn2BWyALESVRw&awbid_d=AKAmf-CJBPhC7KCgLAM7PS8vgntU2a3f-iC8IvxZaFfJ-3G8eZ_y1sFAeKByJinwH1aSITsVnUxpXLdfU5e_9F92APA_Ztpo2JGQO3oTso5c6ftDffE9XiJFv4c8G7h9w-wrXWJLxzdklyZogZmhQuAmbBZNXw_oLiYZZFqMHoI6LXQY0t4t6MvFqerRmiFyhQkGLyM1PykCZvKcrUOFhZUk19GK0_qnrrXCOLb_zw1tbAq5WED9Vix-aZRXfblSsSjzEo2kMkhGBOJhJFrqVTpo7vQgpfEumpQDKgl7gjPdZe8jwmeg2iuLmA3dRYfVK2-jgqCJ-lioBCzhCRrDWY3_feU65bWZn61L3bnkqXKVq1EMIQwa5IsnWAEr5iR3dsHRG_JpNL0tMoauWKf4nl7fZVb8ShVaDHwaA1CoNbfbuiauY5lyf-C3epJ56_rfsbt3WbQg9bN_K_5FvISoBWMMUdyAL4ATTbRJ8Zewdn1RaOKIjxedWTaNV4PDLR2N9XuzQXU428TFor2Inra5C3kiIs8FtkN4jFQe8ryE-F9viWiAoO7Z6gWFAaFTCVvgwKw8zMUOquVGYLMkq7WVemxNJePiAv_XIHF6L6-YBIcotafTslzLM0e-A4jBVAA4M5EajXs0Mkfo1T2bwSZSX6QC5XHNhpB-rTjI35dCaT13rQjhyWxjltPXXsKqaoSyV_ecOSYn-ZODIsG7JnZcxhVbec5em39CoKwWGiVOJcpHiY7eRWUdCsxJ0bL4OuCaOCZTXBNs7WzWvYjfP6hHZO7MR8ogu036mkt0pc2LrWFHX3nP_R0m12TfPmA7iwp7qOPJtzUvH-6Q6q_wbNrme-LVxM7so06r7H0y4aTlvXQAd4l4Rz_Nn7njsGDu43KCsA0RQLkzgOHsmBxMRX2iloHzJkZ3gekmUmg3RAVyJ0ngb6IfRzCv1VBL_ozh2QV7AYcAAow3GTdUYG5QbVUvbeSsxqUkZyedmsm5GWYhP32e4UXs7u9J7FksE9UhZBpyIEhUH1eFA9ifSdphyLuEeyMHs26qc10TWR-z-x3GZlb31jWJNO0FFhlgQssYm9b6_yAklS1LkPzsf2QCcAyMq83fWgn_tMpAFC6D-hs51LVrPj2LIIXVO_QZTTK0ITDeHa2lSpvT1tpVwT7xo4ES7BjBiplYvrqk4w&cid=CAQSMgAvHhf_nE9bhQsAlALxtBwtTHKDzYu3FM5mkW31zcVMTi1r7qUrSVQs0AAwcxXMREeCGAE&exk=845569349&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:B1629E3FBCFC0899
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425c887bd8caee3ae355f251cb53649dd492f884523e1609ce4437ef70edc727
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 00:38:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
33871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11807
x-xss-protection
0
server
cafe
etag
2895842962934950836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 00:38:26 GMT
l
www.google.com/ads/measurement/ Frame 7C00 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2nSFw9YUckDiU_TbPOuE28rFdeu6QFMhZF98i-oduaUPJoMnJDzVI4L0awXpC9C05SqXS2h_afQQWRg8SI1DfJ5Fzqg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBko80AQuUNAERlDQBgZU0AXSWNAF2ljQBrZY0AeuWNAHOlzQB_Jc0Af-XNAEDmDQBCZg0ASSYNAGUmDQBpZg0AbSYNAG4mDQB45g0AeeYNAH0mDQB9pg0AQ6ZNAEWmTQBHJk0ASuZNAFJmTQBSpk0AUyZNAFOmTQBUZk0AVOZNAFhmTQBaJk0AXqZNAGDmTQBhpk0AUtzQQFTc0EBWjzaAakgXALf_ogC4_6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgJC-6oCPCOrAoQnqwJUKKsC-iurAlQwqwLUNqsCJTqrAik6qwItOqsCmDurAj1BqwIbRqsCNEirAmxKqwJgTqsCuE6rAvRQqwICUasCClGrApNVqwLsV6sCIFyrAhpxqwLvcasCsHKrAn5zqwLLdKsCF3erAhx3qwIhd6sCJXerAip3qwIIeasCUoCrAoaAqwKbgasCyoKrAoaDqwJihKsCKoarAnKHqwLtiasCnoqrAgOLqwK1i6sCFIyrAreMqwKYj6sCA5CrAgORqwIclqsC5pirAqmaqwLom6sCYZ-rAqqjqwJ8pKsCUKWrAnGlqwLeqKsCg6urAturqwJDrKsCZayrAvasqwJCrqsCe66rAjuvqwIUsasCYrKrAiCzqwJ4s6sCsbOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwIDtqsCN7arAuu2qwJkt6sCorerArS3qwIxuKsCIbmrAvm5qwJ9uqsCsbqrAhq7qwLVu6sCNLyrAkm8qwJPvKsCF72rAnq9qwI0vqsCle0FAzNe9wRAXvcEoniuBaR5rgUOeq4FmXuuBa17rgUHfK4FnLTFBTUDUwjC2KEO07n7EiHF-xJZyvsSmM37Envk-xLgEvwSPhX8EmsV_BJ5GPwS3Rr8Euwd_BL6HvwSGx_8Eluf6hRgouoU1PBZKA&awbid_c=AKAmf-DkeRddG6bRZ1p0Y9pKdF5n8PMlUB5OOR4rTcbrXzbGciUsIuhlbRTSs19vzDYlyyKauhjd3_W3S5_0jR4nJvh0FC7kRSKjLsXhAYuucq8J8BfXaYc0PjqN4LfDQ3JFSJiq_Dkjk3MFDQ9cuvaHV39fASUdQQTo-grxFU2pKZD4FxKUn7JLS2jclBMj9kYDOe-D0d-0jsAdmnmQbRulPvuD_IbvDzTK_g_Qcmjq_2Ck5Lor4FEzpSo9b_YlH1TN-moR2tr6cfOz-Pf564WR5zC0FVtOnbgq1WTPqyU0bkNSCD1HKOFRY4VdJXkn8bvx7fUM4r-AJsuMM6SNn8_RyMnIrbtWxVCpfgbYJgNnUnRNa1UD9y74BdbMbOjsw9qDBh3wjATIBIOTA7K7nWpqmkmMDov1fdISYxhYTjb5ZOOnf6r3q6w4jdPYsATEh9wr5LkKVBEQTqc0GSDyG-UM6GoxQ2NgebHFz63kdqWc76dvhryBQOrI6wt_uSixDgYzZ7ITwcp5yV4kpdOmFnlFWaxmB1OSSlwWfsO6UE7nvHMsmUV8RCpx-cKAuab-s1dvMTTa08Gj6wnvZzghGbn2BWyALESVRw&awbid_d=AKAmf-CJBPhC7KCgLAM7PS8vgntU2a3f-iC8IvxZaFfJ-3G8eZ_y1sFAeKByJinwH1aSITsVnUxpXLdfU5e_9F92APA_Ztpo2JGQO3oTso5c6ftDffE9XiJFv4c8G7h9w-wrXWJLxzdklyZogZmhQuAmbBZNXw_oLiYZZFqMHoI6LXQY0t4t6MvFqerRmiFyhQkGLyM1PykCZvKcrUOFhZUk19GK0_qnrrXCOLb_zw1tbAq5WED9Vix-aZRXfblSsSjzEo2kMkhGBOJhJFrqVTpo7vQgpfEumpQDKgl7gjPdZe8jwmeg2iuLmA3dRYfVK2-jgqCJ-lioBCzhCRrDWY3_feU65bWZn61L3bnkqXKVq1EMIQwa5IsnWAEr5iR3dsHRG_JpNL0tMoauWKf4nl7fZVb8ShVaDHwaA1CoNbfbuiauY5lyf-C3epJ56_rfsbt3WbQg9bN_K_5FvISoBWMMUdyAL4ATTbRJ8Zewdn1RaOKIjxedWTaNV4PDLR2N9XuzQXU428TFor2Inra5C3kiIs8FtkN4jFQe8ryE-F9viWiAoO7Z6gWFAaFTCVvgwKw8zMUOquVGYLMkq7WVemxNJePiAv_XIHF6L6-YBIcotafTslzLM0e-A4jBVAA4M5EajXs0Mkfo1T2bwSZSX6QC5XHNhpB-rTjI35dCaT13rQjhyWxjltPXXsKqaoSyV_ecOSYn-ZODIsG7JnZcxhVbec5em39CoKwWGiVOJcpHiY7eRWUdCsxJ0bL4OuCaOCZTXBNs7WzWvYjfP6hHZO7MR8ogu036mkt0pc2LrWFHX3nP_R0m12TfPmA7iwp7qOPJtzUvH-6Q6q_wbNrme-LVxM7so06r7H0y4aTlvXQAd4l4Rz_Nn7njsGDu43KCsA0RQLkzgOHsmBxMRX2iloHzJkZ3gekmUmg3RAVyJ0ngb6IfRzCv1VBL_ozh2QV7AYcAAow3GTdUYG5QbVUvbeSsxqUkZyedmsm5GWYhP32e4UXs7u9J7FksE9UhZBpyIEhUH1eFA9ifSdphyLuEeyMHs26qc10TWR-z-x3GZlb31jWJNO0FFhlgQssYm9b6_yAklS1LkPzsf2QCcAyMq83fWgn_tMpAFC6D-hs51LVrPj2LIIXVO_QZTTK0ITDeHa2lSpvT1tpVwT7xo4ES7BjBiplYvrqk4w&cid=CAQSMgAvHhf_nE9bhQsAlALxtBwtTHKDzYu3FM5mkW31zcVMTi1r7qUrSVQs0AAwcxXMREeCGAE&exk=845569349&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:B1629E3FBCFC0899
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7C00 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBko80AQuUNAERlDQBgZU0AXSWNAF2ljQBrZY0AeuWNAHOlzQB_Jc0Af-XNAEDmDQBCZg0ASSYNAGUmDQBpZg0AbSYNAG4mDQB45g0AeeYNAH0mDQB9pg0AQ6ZNAEWmTQBHJk0ASuZNAFJmTQBSpk0AUyZNAFOmTQBUZk0AVOZNAFhmTQBaJk0AXqZNAGDmTQBhpk0AUtzQQFTc0EBWjzaAakgXALf_ogC4_6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgJC-6oCPCOrAoQnqwJUKKsC-iurAlQwqwLUNqsCJTqrAik6qwItOqsCmDurAj1BqwIbRqsCNEirAmxKqwJgTqsCuE6rAvRQqwICUasCClGrApNVqwLsV6sCIFyrAhpxqwLvcasCsHKrAn5zqwLLdKsCF3erAhx3qwIhd6sCJXerAip3qwIIeasCUoCrAoaAqwKbgasCyoKrAoaDqwJihKsCKoarAnKHqwLtiasCnoqrAgOLqwK1i6sCFIyrAreMqwKYj6sCA5CrAgORqwIclqsC5pirAqmaqwLom6sCYZ-rAqqjqwJ8pKsCUKWrAnGlqwLeqKsCg6urAturqwJDrKsCZayrAvasqwJCrqsCe66rAjuvqwIUsasCYrKrAiCzqwJ4s6sCsbOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwIDtqsCN7arAuu2qwJkt6sCorerArS3qwIxuKsCIbmrAvm5qwJ9uqsCsbqrAhq7qwLVu6sCNLyrAkm8qwJPvKsCF72rAnq9qwI0vqsCle0FAzNe9wRAXvcEoniuBaR5rgUOeq4FmXuuBa17rgUHfK4FnLTFBTUDUwjC2KEO07n7EiHF-xJZyvsSmM37Envk-xLgEvwSPhX8EmsV_BJ5GPwS3Rr8Euwd_BL6HvwSGx_8Eluf6hRgouoU1PBZKA&awbid_c=AKAmf-DkeRddG6bRZ1p0Y9pKdF5n8PMlUB5OOR4rTcbrXzbGciUsIuhlbRTSs19vzDYlyyKauhjd3_W3S5_0jR4nJvh0FC7kRSKjLsXhAYuucq8J8BfXaYc0PjqN4LfDQ3JFSJiq_Dkjk3MFDQ9cuvaHV39fASUdQQTo-grxFU2pKZD4FxKUn7JLS2jclBMj9kYDOe-D0d-0jsAdmnmQbRulPvuD_IbvDzTK_g_Qcmjq_2Ck5Lor4FEzpSo9b_YlH1TN-moR2tr6cfOz-Pf564WR5zC0FVtOnbgq1WTPqyU0bkNSCD1HKOFRY4VdJXkn8bvx7fUM4r-AJsuMM6SNn8_RyMnIrbtWxVCpfgbYJgNnUnRNa1UD9y74BdbMbOjsw9qDBh3wjATIBIOTA7K7nWpqmkmMDov1fdISYxhYTjb5ZOOnf6r3q6w4jdPYsATEh9wr5LkKVBEQTqc0GSDyG-UM6GoxQ2NgebHFz63kdqWc76dvhryBQOrI6wt_uSixDgYzZ7ITwcp5yV4kpdOmFnlFWaxmB1OSSlwWfsO6UE7nvHMsmUV8RCpx-cKAuab-s1dvMTTa08Gj6wnvZzghGbn2BWyALESVRw&awbid_d=AKAmf-CJBPhC7KCgLAM7PS8vgntU2a3f-iC8IvxZaFfJ-3G8eZ_y1sFAeKByJinwH1aSITsVnUxpXLdfU5e_9F92APA_Ztpo2JGQO3oTso5c6ftDffE9XiJFv4c8G7h9w-wrXWJLxzdklyZogZmhQuAmbBZNXw_oLiYZZFqMHoI6LXQY0t4t6MvFqerRmiFyhQkGLyM1PykCZvKcrUOFhZUk19GK0_qnrrXCOLb_zw1tbAq5WED9Vix-aZRXfblSsSjzEo2kMkhGBOJhJFrqVTpo7vQgpfEumpQDKgl7gjPdZe8jwmeg2iuLmA3dRYfVK2-jgqCJ-lioBCzhCRrDWY3_feU65bWZn61L3bnkqXKVq1EMIQwa5IsnWAEr5iR3dsHRG_JpNL0tMoauWKf4nl7fZVb8ShVaDHwaA1CoNbfbuiauY5lyf-C3epJ56_rfsbt3WbQg9bN_K_5FvISoBWMMUdyAL4ATTbRJ8Zewdn1RaOKIjxedWTaNV4PDLR2N9XuzQXU428TFor2Inra5C3kiIs8FtkN4jFQe8ryE-F9viWiAoO7Z6gWFAaFTCVvgwKw8zMUOquVGYLMkq7WVemxNJePiAv_XIHF6L6-YBIcotafTslzLM0e-A4jBVAA4M5EajXs0Mkfo1T2bwSZSX6QC5XHNhpB-rTjI35dCaT13rQjhyWxjltPXXsKqaoSyV_ecOSYn-ZODIsG7JnZcxhVbec5em39CoKwWGiVOJcpHiY7eRWUdCsxJ0bL4OuCaOCZTXBNs7WzWvYjfP6hHZO7MR8ogu036mkt0pc2LrWFHX3nP_R0m12TfPmA7iwp7qOPJtzUvH-6Q6q_wbNrme-LVxM7so06r7H0y4aTlvXQAd4l4Rz_Nn7njsGDu43KCsA0RQLkzgOHsmBxMRX2iloHzJkZ3gekmUmg3RAVyJ0ngb6IfRzCv1VBL_ozh2QV7AYcAAow3GTdUYG5QbVUvbeSsxqUkZyedmsm5GWYhP32e4UXs7u9J7FksE9UhZBpyIEhUH1eFA9ifSdphyLuEeyMHs26qc10TWR-z-x3GZlb31jWJNO0FFhlgQssYm9b6_yAklS1LkPzsf2QCcAyMq83fWgn_tMpAFC6D-hs51LVrPj2LIIXVO_QZTTK0ITDeHa2lSpvT1tpVwT7xo4ES7BjBiplYvrqk4w&cid=CAQSMgAvHhf_nE9bhQsAlALxtBwtTHKDzYu3FM5mkW31zcVMTi1r7qUrSVQs0AAwcxXMREeCGAE&exk=845569349&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:B1629E3FBCFC0899
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62516
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Jan 2024 10:02:57 GMT
54d1c22c3cbefc4e5c3655ead0d764a5.js
www.gstatic.com/mysidia/ Frame 7C00 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/54d1c22c3cbefc4e5c3655ead0d764a5.js?tag=mysidia_one_click_handler_one_afma
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBko80AQuUNAERlDQBgZU0AXSWNAF2ljQBrZY0AeuWNAHOlzQB_Jc0Af-XNAEDmDQBCZg0ASSYNAGUmDQBpZg0AbSYNAG4mDQB45g0AeeYNAH0mDQB9pg0AQ6ZNAEWmTQBHJk0ASuZNAFJmTQBSpk0AUyZNAFOmTQBUZk0AVOZNAFhmTQBaJk0AXqZNAGDmTQBhpk0AUtzQQFTc0EBWjzaAakgXALf_ogC4_6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgJC-6oCPCOrAoQnqwJUKKsC-iurAlQwqwLUNqsCJTqrAik6qwItOqsCmDurAj1BqwIbRqsCNEirAmxKqwJgTqsCuE6rAvRQqwICUasCClGrApNVqwLsV6sCIFyrAhpxqwLvcasCsHKrAn5zqwLLdKsCF3erAhx3qwIhd6sCJXerAip3qwIIeasCUoCrAoaAqwKbgasCyoKrAoaDqwJihKsCKoarAnKHqwLtiasCnoqrAgOLqwK1i6sCFIyrAreMqwKYj6sCA5CrAgORqwIclqsC5pirAqmaqwLom6sCYZ-rAqqjqwJ8pKsCUKWrAnGlqwLeqKsCg6urAturqwJDrKsCZayrAvasqwJCrqsCe66rAjuvqwIUsasCYrKrAiCzqwJ4s6sCsbOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwIDtqsCN7arAuu2qwJkt6sCorerArS3qwIxuKsCIbmrAvm5qwJ9uqsCsbqrAhq7qwLVu6sCNLyrAkm8qwJPvKsCF72rAnq9qwI0vqsCle0FAzNe9wRAXvcEoniuBaR5rgUOeq4FmXuuBa17rgUHfK4FnLTFBTUDUwjC2KEO07n7EiHF-xJZyvsSmM37Envk-xLgEvwSPhX8EmsV_BJ5GPwS3Rr8Euwd_BL6HvwSGx_8Eluf6hRgouoU1PBZKA&awbid_c=AKAmf-DkeRddG6bRZ1p0Y9pKdF5n8PMlUB5OOR4rTcbrXzbGciUsIuhlbRTSs19vzDYlyyKauhjd3_W3S5_0jR4nJvh0FC7kRSKjLsXhAYuucq8J8BfXaYc0PjqN4LfDQ3JFSJiq_Dkjk3MFDQ9cuvaHV39fASUdQQTo-grxFU2pKZD4FxKUn7JLS2jclBMj9kYDOe-D0d-0jsAdmnmQbRulPvuD_IbvDzTK_g_Qcmjq_2Ck5Lor4FEzpSo9b_YlH1TN-moR2tr6cfOz-Pf564WR5zC0FVtOnbgq1WTPqyU0bkNSCD1HKOFRY4VdJXkn8bvx7fUM4r-AJsuMM6SNn8_RyMnIrbtWxVCpfgbYJgNnUnRNa1UD9y74BdbMbOjsw9qDBh3wjATIBIOTA7K7nWpqmkmMDov1fdISYxhYTjb5ZOOnf6r3q6w4jdPYsATEh9wr5LkKVBEQTqc0GSDyG-UM6GoxQ2NgebHFz63kdqWc76dvhryBQOrI6wt_uSixDgYzZ7ITwcp5yV4kpdOmFnlFWaxmB1OSSlwWfsO6UE7nvHMsmUV8RCpx-cKAuab-s1dvMTTa08Gj6wnvZzghGbn2BWyALESVRw&awbid_d=AKAmf-CJBPhC7KCgLAM7PS8vgntU2a3f-iC8IvxZaFfJ-3G8eZ_y1sFAeKByJinwH1aSITsVnUxpXLdfU5e_9F92APA_Ztpo2JGQO3oTso5c6ftDffE9XiJFv4c8G7h9w-wrXWJLxzdklyZogZmhQuAmbBZNXw_oLiYZZFqMHoI6LXQY0t4t6MvFqerRmiFyhQkGLyM1PykCZvKcrUOFhZUk19GK0_qnrrXCOLb_zw1tbAq5WED9Vix-aZRXfblSsSjzEo2kMkhGBOJhJFrqVTpo7vQgpfEumpQDKgl7gjPdZe8jwmeg2iuLmA3dRYfVK2-jgqCJ-lioBCzhCRrDWY3_feU65bWZn61L3bnkqXKVq1EMIQwa5IsnWAEr5iR3dsHRG_JpNL0tMoauWKf4nl7fZVb8ShVaDHwaA1CoNbfbuiauY5lyf-C3epJ56_rfsbt3WbQg9bN_K_5FvISoBWMMUdyAL4ATTbRJ8Zewdn1RaOKIjxedWTaNV4PDLR2N9XuzQXU428TFor2Inra5C3kiIs8FtkN4jFQe8ryE-F9viWiAoO7Z6gWFAaFTCVvgwKw8zMUOquVGYLMkq7WVemxNJePiAv_XIHF6L6-YBIcotafTslzLM0e-A4jBVAA4M5EajXs0Mkfo1T2bwSZSX6QC5XHNhpB-rTjI35dCaT13rQjhyWxjltPXXsKqaoSyV_ecOSYn-ZODIsG7JnZcxhVbec5em39CoKwWGiVOJcpHiY7eRWUdCsxJ0bL4OuCaOCZTXBNs7WzWvYjfP6hHZO7MR8ogu036mkt0pc2LrWFHX3nP_R0m12TfPmA7iwp7qOPJtzUvH-6Q6q_wbNrme-LVxM7so06r7H0y4aTlvXQAd4l4Rz_Nn7njsGDu43KCsA0RQLkzgOHsmBxMRX2iloHzJkZ3gekmUmg3RAVyJ0ngb6IfRzCv1VBL_ozh2QV7AYcAAow3GTdUYG5QbVUvbeSsxqUkZyedmsm5GWYhP32e4UXs7u9J7FksE9UhZBpyIEhUH1eFA9ifSdphyLuEeyMHs26qc10TWR-z-x3GZlb31jWJNO0FFhlgQssYm9b6_yAklS1LkPzsf2QCcAyMq83fWgn_tMpAFC6D-hs51LVrPj2LIIXVO_QZTTK0ITDeHa2lSpvT1tpVwT7xo4ES7BjBiplYvrqk4w&cid=CAQSMgAvHhf_nE9bhQsAlALxtBwtTHKDzYu3FM5mkW31zcVMTi1r7qUrSVQs0AAwcxXMREeCGAE&exk=845569349&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:B1629E3FBCFC0899
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b496fae0bf22e95b2ff8eb5477cb418c118245ac7e9a042dc5bac4a59e7ec249
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:49:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20527
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 01 Apr 2024 13:49:16 GMT
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 1806 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:10:14 GMT
x-content-type-options
nosniff
age
89563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 09:10:14 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 1806 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 07:32:42 GMT
x-content-type-options
nosniff
age
95415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 07:32:42 GMT
social
am-trc-events.taboola.com/editoraglobo-gq/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/editoraglobo-gq/log/3/social?route=AM:AM:V&tvi48=11657&tvi50=14761&lti=deflated&ri=cd873f6529ecfbaca8c20a7b7dcf26c7&sd=v2_66c1d9609ef3487f4843b597d5892b2c_3bf40a0b-b32a-4803-82b9-b1c2acb18847-tuctc8eb651_1704276177_1704276177_CIi3jgYQm_9JGOnjmvbMMSABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=3bf40a0b-b32a-4803-82b9-b1c2acb18847-tuctc8eb651&pi=/&wi=1560000493340960651&pt=home&vi=1704276177385&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fgq.globo.com%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22GQ%20%7C%20Seu%20Guia%20de%20Moda%20Masculina%2C%20Cultura%20e%20Lifestyle%22%2C%22sec%22%3A%22undefined%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=11%3A02%3A57.672&id=2714&llvl=2&cv=20240102-5-RELEASE&
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 03 Jan 2024 10:02:57 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
shopping
encrypted-tbn3.gstatic.com/ Frame 7C00 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTMTCqNkU6-SFbOsGrezGzYE7G9JL8z2dGwA5jE6B8nqdqv_HVswEnvX_ZiiL4&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBko80AQuUNAERlDQBgZU0AXSWNAF2ljQBrZY0AeuWNAHOlzQB_Jc0Af-XNAEDmDQBCZg0ASSYNAGUmDQBpZg0AbSYNAG4mDQB45g0AeeYNAH0mDQB9pg0AQ6ZNAEWmTQBHJk0ASuZNAFJmTQBSpk0AUyZNAFOmTQBUZk0AVOZNAFhmTQBaJk0AXqZNAGDmTQBhpk0AUtzQQFTc0EBWjzaAakgXALf_ogC4_6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgJC-6oCPCOrAoQnqwJUKKsC-iurAlQwqwLUNqsCJTqrAik6qwItOqsCmDurAj1BqwIbRqsCNEirAmxKqwJgTqsCuE6rAvRQqwICUasCClGrApNVqwLsV6sCIFyrAhpxqwLvcasCsHKrAn5zqwLLdKsCF3erAhx3qwIhd6sCJXerAip3qwIIeasCUoCrAoaAqwKbgasCyoKrAoaDqwJihKsCKoarAnKHqwLtiasCnoqrAgOLqwK1i6sCFIyrAreMqwKYj6sCA5CrAgORqwIclqsC5pirAqmaqwLom6sCYZ-rAqqjqwJ8pKsCUKWrAnGlqwLeqKsCg6urAturqwJDrKsCZayrAvasqwJCrqsCe66rAjuvqwIUsasCYrKrAiCzqwJ4s6sCsbOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwIDtqsCN7arAuu2qwJkt6sCorerArS3qwIxuKsCIbmrAvm5qwJ9uqsCsbqrAhq7qwLVu6sCNLyrAkm8qwJPvKsCF72rAnq9qwI0vqsCle0FAzNe9wRAXvcEoniuBaR5rgUOeq4FmXuuBa17rgUHfK4FnLTFBTUDUwjC2KEO07n7EiHF-xJZyvsSmM37Envk-xLgEvwSPhX8EmsV_BJ5GPwS3Rr8Euwd_BL6HvwSGx_8Eluf6hRgouoU1PBZKA&awbid_c=AKAmf-DkeRddG6bRZ1p0Y9pKdF5n8PMlUB5OOR4rTcbrXzbGciUsIuhlbRTSs19vzDYlyyKauhjd3_W3S5_0jR4nJvh0FC7kRSKjLsXhAYuucq8J8BfXaYc0PjqN4LfDQ3JFSJiq_Dkjk3MFDQ9cuvaHV39fASUdQQTo-grxFU2pKZD4FxKUn7JLS2jclBMj9kYDOe-D0d-0jsAdmnmQbRulPvuD_IbvDzTK_g_Qcmjq_2Ck5Lor4FEzpSo9b_YlH1TN-moR2tr6cfOz-Pf564WR5zC0FVtOnbgq1WTPqyU0bkNSCD1HKOFRY4VdJXkn8bvx7fUM4r-AJsuMM6SNn8_RyMnIrbtWxVCpfgbYJgNnUnRNa1UD9y74BdbMbOjsw9qDBh3wjATIBIOTA7K7nWpqmkmMDov1fdISYxhYTjb5ZOOnf6r3q6w4jdPYsATEh9wr5LkKVBEQTqc0GSDyG-UM6GoxQ2NgebHFz63kdqWc76dvhryBQOrI6wt_uSixDgYzZ7ITwcp5yV4kpdOmFnlFWaxmB1OSSlwWfsO6UE7nvHMsmUV8RCpx-cKAuab-s1dvMTTa08Gj6wnvZzghGbn2BWyALESVRw&awbid_d=AKAmf-CJBPhC7KCgLAM7PS8vgntU2a3f-iC8IvxZaFfJ-3G8eZ_y1sFAeKByJinwH1aSITsVnUxpXLdfU5e_9F92APA_Ztpo2JGQO3oTso5c6ftDffE9XiJFv4c8G7h9w-wrXWJLxzdklyZogZmhQuAmbBZNXw_oLiYZZFqMHoI6LXQY0t4t6MvFqerRmiFyhQkGLyM1PykCZvKcrUOFhZUk19GK0_qnrrXCOLb_zw1tbAq5WED9Vix-aZRXfblSsSjzEo2kMkhGBOJhJFrqVTpo7vQgpfEumpQDKgl7gjPdZe8jwmeg2iuLmA3dRYfVK2-jgqCJ-lioBCzhCRrDWY3_feU65bWZn61L3bnkqXKVq1EMIQwa5IsnWAEr5iR3dsHRG_JpNL0tMoauWKf4nl7fZVb8ShVaDHwaA1CoNbfbuiauY5lyf-C3epJ56_rfsbt3WbQg9bN_K_5FvISoBWMMUdyAL4ATTbRJ8Zewdn1RaOKIjxedWTaNV4PDLR2N9XuzQXU428TFor2Inra5C3kiIs8FtkN4jFQe8ryE-F9viWiAoO7Z6gWFAaFTCVvgwKw8zMUOquVGYLMkq7WVemxNJePiAv_XIHF6L6-YBIcotafTslzLM0e-A4jBVAA4M5EajXs0Mkfo1T2bwSZSX6QC5XHNhpB-rTjI35dCaT13rQjhyWxjltPXXsKqaoSyV_ecOSYn-ZODIsG7JnZcxhVbec5em39CoKwWGiVOJcpHiY7eRWUdCsxJ0bL4OuCaOCZTXBNs7WzWvYjfP6hHZO7MR8ogu036mkt0pc2LrWFHX3nP_R0m12TfPmA7iwp7qOPJtzUvH-6Q6q_wbNrme-LVxM7so06r7H0y4aTlvXQAd4l4Rz_Nn7njsGDu43KCsA0RQLkzgOHsmBxMRX2iloHzJkZ3gekmUmg3RAVyJ0ngb6IfRzCv1VBL_ozh2QV7AYcAAow3GTdUYG5QbVUvbeSsxqUkZyedmsm5GWYhP32e4UXs7u9J7FksE9UhZBpyIEhUH1eFA9ifSdphyLuEeyMHs26qc10TWR-z-x3GZlb31jWJNO0FFhlgQssYm9b6_yAklS1LkPzsf2QCcAyMq83fWgn_tMpAFC6D-hs51LVrPj2LIIXVO_QZTTK0ITDeHa2lSpvT1tpVwT7xo4ES7BjBiplYvrqk4w&cid=CAQSMgAvHhf_nE9bhQsAlALxtBwtTHKDzYu3FM5mkW31zcVMTi1r7qUrSVQs0AAwcxXMREeCGAE&exk=845569349&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:B1629E3FBCFC0899
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a282354be8e80edaa0b8c5bb56e3552d9e879386fcf656c89589ecd876a8795
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 01:31:58 GMT
x-content-type-options
nosniff
age
30659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33941
x-xss-protection
0
last-modified
Sat, 24 Feb 2024 09:45:21 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 02 Jan 2025 01:31:58 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 7C00 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcS13ZDNYcOkXdLu4Rz7j_2Ts0LFmYL5NsrJiBuLhDS_LfJAFJ5W3VHs0vaVYYE&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBko80AQuUNAERlDQBgZU0AXSWNAF2ljQBrZY0AeuWNAHOlzQB_Jc0Af-XNAEDmDQBCZg0ASSYNAGUmDQBpZg0AbSYNAG4mDQB45g0AeeYNAH0mDQB9pg0AQ6ZNAEWmTQBHJk0ASuZNAFJmTQBSpk0AUyZNAFOmTQBUZk0AVOZNAFhmTQBaJk0AXqZNAGDmTQBhpk0AUtzQQFTc0EBWjzaAakgXALf_ogC4_6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgJC-6oCPCOrAoQnqwJUKKsC-iurAlQwqwLUNqsCJTqrAik6qwItOqsCmDurAj1BqwIbRqsCNEirAmxKqwJgTqsCuE6rAvRQqwICUasCClGrApNVqwLsV6sCIFyrAhpxqwLvcasCsHKrAn5zqwLLdKsCF3erAhx3qwIhd6sCJXerAip3qwIIeasCUoCrAoaAqwKbgasCyoKrAoaDqwJihKsCKoarAnKHqwLtiasCnoqrAgOLqwK1i6sCFIyrAreMqwKYj6sCA5CrAgORqwIclqsC5pirAqmaqwLom6sCYZ-rAqqjqwJ8pKsCUKWrAnGlqwLeqKsCg6urAturqwJDrKsCZayrAvasqwJCrqsCe66rAjuvqwIUsasCYrKrAiCzqwJ4s6sCsbOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwIDtqsCN7arAuu2qwJkt6sCorerArS3qwIxuKsCIbmrAvm5qwJ9uqsCsbqrAhq7qwLVu6sCNLyrAkm8qwJPvKsCF72rAnq9qwI0vqsCle0FAzNe9wRAXvcEoniuBaR5rgUOeq4FmXuuBa17rgUHfK4FnLTFBTUDUwjC2KEO07n7EiHF-xJZyvsSmM37Envk-xLgEvwSPhX8EmsV_BJ5GPwS3Rr8Euwd_BL6HvwSGx_8Eluf6hRgouoU1PBZKA&awbid_c=AKAmf-DkeRddG6bRZ1p0Y9pKdF5n8PMlUB5OOR4rTcbrXzbGciUsIuhlbRTSs19vzDYlyyKauhjd3_W3S5_0jR4nJvh0FC7kRSKjLsXhAYuucq8J8BfXaYc0PjqN4LfDQ3JFSJiq_Dkjk3MFDQ9cuvaHV39fASUdQQTo-grxFU2pKZD4FxKUn7JLS2jclBMj9kYDOe-D0d-0jsAdmnmQbRulPvuD_IbvDzTK_g_Qcmjq_2Ck5Lor4FEzpSo9b_YlH1TN-moR2tr6cfOz-Pf564WR5zC0FVtOnbgq1WTPqyU0bkNSCD1HKOFRY4VdJXkn8bvx7fUM4r-AJsuMM6SNn8_RyMnIrbtWxVCpfgbYJgNnUnRNa1UD9y74BdbMbOjsw9qDBh3wjATIBIOTA7K7nWpqmkmMDov1fdISYxhYTjb5ZOOnf6r3q6w4jdPYsATEh9wr5LkKVBEQTqc0GSDyG-UM6GoxQ2NgebHFz63kdqWc76dvhryBQOrI6wt_uSixDgYzZ7ITwcp5yV4kpdOmFnlFWaxmB1OSSlwWfsO6UE7nvHMsmUV8RCpx-cKAuab-s1dvMTTa08Gj6wnvZzghGbn2BWyALESVRw&awbid_d=AKAmf-CJBPhC7KCgLAM7PS8vgntU2a3f-iC8IvxZaFfJ-3G8eZ_y1sFAeKByJinwH1aSITsVnUxpXLdfU5e_9F92APA_Ztpo2JGQO3oTso5c6ftDffE9XiJFv4c8G7h9w-wrXWJLxzdklyZogZmhQuAmbBZNXw_oLiYZZFqMHoI6LXQY0t4t6MvFqerRmiFyhQkGLyM1PykCZvKcrUOFhZUk19GK0_qnrrXCOLb_zw1tbAq5WED9Vix-aZRXfblSsSjzEo2kMkhGBOJhJFrqVTpo7vQgpfEumpQDKgl7gjPdZe8jwmeg2iuLmA3dRYfVK2-jgqCJ-lioBCzhCRrDWY3_feU65bWZn61L3bnkqXKVq1EMIQwa5IsnWAEr5iR3dsHRG_JpNL0tMoauWKf4nl7fZVb8ShVaDHwaA1CoNbfbuiauY5lyf-C3epJ56_rfsbt3WbQg9bN_K_5FvISoBWMMUdyAL4ATTbRJ8Zewdn1RaOKIjxedWTaNV4PDLR2N9XuzQXU428TFor2Inra5C3kiIs8FtkN4jFQe8ryE-F9viWiAoO7Z6gWFAaFTCVvgwKw8zMUOquVGYLMkq7WVemxNJePiAv_XIHF6L6-YBIcotafTslzLM0e-A4jBVAA4M5EajXs0Mkfo1T2bwSZSX6QC5XHNhpB-rTjI35dCaT13rQjhyWxjltPXXsKqaoSyV_ecOSYn-ZODIsG7JnZcxhVbec5em39CoKwWGiVOJcpHiY7eRWUdCsxJ0bL4OuCaOCZTXBNs7WzWvYjfP6hHZO7MR8ogu036mkt0pc2LrWFHX3nP_R0m12TfPmA7iwp7qOPJtzUvH-6Q6q_wbNrme-LVxM7so06r7H0y4aTlvXQAd4l4Rz_Nn7njsGDu43KCsA0RQLkzgOHsmBxMRX2iloHzJkZ3gekmUmg3RAVyJ0ngb6IfRzCv1VBL_ozh2QV7AYcAAow3GTdUYG5QbVUvbeSsxqUkZyedmsm5GWYhP32e4UXs7u9J7FksE9UhZBpyIEhUH1eFA9ifSdphyLuEeyMHs26qc10TWR-z-x3GZlb31jWJNO0FFhlgQssYm9b6_yAklS1LkPzsf2QCcAyMq83fWgn_tMpAFC6D-hs51LVrPj2LIIXVO_QZTTK0ITDeHa2lSpvT1tpVwT7xo4ES7BjBiplYvrqk4w&cid=CAQSMgAvHhf_nE9bhQsAlALxtBwtTHKDzYu3FM5mkW31zcVMTi1r7qUrSVQs0AAwcxXMREeCGAE&exk=845569349&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:B1629E3FBCFC0899
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14f386f7c5c13cd3869ac5018708bbe38719848f6511636bd7cb3b8c51586cfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 17:21:08 GMT
x-content-type-options
nosniff
age
146509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34092
x-xss-protection
0
last-modified
Fri, 19 Jan 2024 09:44:54 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Tue, 31 Dec 2024 17:21:08 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 7C00 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT5Pi2qwXBuo2wRxtEHOxNLHkXPCZ8mn0HSIu_8E19Omonau7mM-8IgszUE-g&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBko80AQuUNAERlDQBgZU0AXSWNAF2ljQBrZY0AeuWNAHOlzQB_Jc0Af-XNAEDmDQBCZg0ASSYNAGUmDQBpZg0AbSYNAG4mDQB45g0AeeYNAH0mDQB9pg0AQ6ZNAEWmTQBHJk0ASuZNAFJmTQBSpk0AUyZNAFOmTQBUZk0AVOZNAFhmTQBaJk0AXqZNAGDmTQBhpk0AUtzQQFTc0EBWjzaAakgXALf_ogC4_6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgJC-6oCPCOrAoQnqwJUKKsC-iurAlQwqwLUNqsCJTqrAik6qwItOqsCmDurAj1BqwIbRqsCNEirAmxKqwJgTqsCuE6rAvRQqwICUasCClGrApNVqwLsV6sCIFyrAhpxqwLvcasCsHKrAn5zqwLLdKsCF3erAhx3qwIhd6sCJXerAip3qwIIeasCUoCrAoaAqwKbgasCyoKrAoaDqwJihKsCKoarAnKHqwLtiasCnoqrAgOLqwK1i6sCFIyrAreMqwKYj6sCA5CrAgORqwIclqsC5pirAqmaqwLom6sCYZ-rAqqjqwJ8pKsCUKWrAnGlqwLeqKsCg6urAturqwJDrKsCZayrAvasqwJCrqsCe66rAjuvqwIUsasCYrKrAiCzqwJ4s6sCsbOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwIDtqsCN7arAuu2qwJkt6sCorerArS3qwIxuKsCIbmrAvm5qwJ9uqsCsbqrAhq7qwLVu6sCNLyrAkm8qwJPvKsCF72rAnq9qwI0vqsCle0FAzNe9wRAXvcEoniuBaR5rgUOeq4FmXuuBa17rgUHfK4FnLTFBTUDUwjC2KEO07n7EiHF-xJZyvsSmM37Envk-xLgEvwSPhX8EmsV_BJ5GPwS3Rr8Euwd_BL6HvwSGx_8Eluf6hRgouoU1PBZKA&awbid_c=AKAmf-DkeRddG6bRZ1p0Y9pKdF5n8PMlUB5OOR4rTcbrXzbGciUsIuhlbRTSs19vzDYlyyKauhjd3_W3S5_0jR4nJvh0FC7kRSKjLsXhAYuucq8J8BfXaYc0PjqN4LfDQ3JFSJiq_Dkjk3MFDQ9cuvaHV39fASUdQQTo-grxFU2pKZD4FxKUn7JLS2jclBMj9kYDOe-D0d-0jsAdmnmQbRulPvuD_IbvDzTK_g_Qcmjq_2Ck5Lor4FEzpSo9b_YlH1TN-moR2tr6cfOz-Pf564WR5zC0FVtOnbgq1WTPqyU0bkNSCD1HKOFRY4VdJXkn8bvx7fUM4r-AJsuMM6SNn8_RyMnIrbtWxVCpfgbYJgNnUnRNa1UD9y74BdbMbOjsw9qDBh3wjATIBIOTA7K7nWpqmkmMDov1fdISYxhYTjb5ZOOnf6r3q6w4jdPYsATEh9wr5LkKVBEQTqc0GSDyG-UM6GoxQ2NgebHFz63kdqWc76dvhryBQOrI6wt_uSixDgYzZ7ITwcp5yV4kpdOmFnlFWaxmB1OSSlwWfsO6UE7nvHMsmUV8RCpx-cKAuab-s1dvMTTa08Gj6wnvZzghGbn2BWyALESVRw&awbid_d=AKAmf-CJBPhC7KCgLAM7PS8vgntU2a3f-iC8IvxZaFfJ-3G8eZ_y1sFAeKByJinwH1aSITsVnUxpXLdfU5e_9F92APA_Ztpo2JGQO3oTso5c6ftDffE9XiJFv4c8G7h9w-wrXWJLxzdklyZogZmhQuAmbBZNXw_oLiYZZFqMHoI6LXQY0t4t6MvFqerRmiFyhQkGLyM1PykCZvKcrUOFhZUk19GK0_qnrrXCOLb_zw1tbAq5WED9Vix-aZRXfblSsSjzEo2kMkhGBOJhJFrqVTpo7vQgpfEumpQDKgl7gjPdZe8jwmeg2iuLmA3dRYfVK2-jgqCJ-lioBCzhCRrDWY3_feU65bWZn61L3bnkqXKVq1EMIQwa5IsnWAEr5iR3dsHRG_JpNL0tMoauWKf4nl7fZVb8ShVaDHwaA1CoNbfbuiauY5lyf-C3epJ56_rfsbt3WbQg9bN_K_5FvISoBWMMUdyAL4ATTbRJ8Zewdn1RaOKIjxedWTaNV4PDLR2N9XuzQXU428TFor2Inra5C3kiIs8FtkN4jFQe8ryE-F9viWiAoO7Z6gWFAaFTCVvgwKw8zMUOquVGYLMkq7WVemxNJePiAv_XIHF6L6-YBIcotafTslzLM0e-A4jBVAA4M5EajXs0Mkfo1T2bwSZSX6QC5XHNhpB-rTjI35dCaT13rQjhyWxjltPXXsKqaoSyV_ecOSYn-ZODIsG7JnZcxhVbec5em39CoKwWGiVOJcpHiY7eRWUdCsxJ0bL4OuCaOCZTXBNs7WzWvYjfP6hHZO7MR8ogu036mkt0pc2LrWFHX3nP_R0m12TfPmA7iwp7qOPJtzUvH-6Q6q_wbNrme-LVxM7so06r7H0y4aTlvXQAd4l4Rz_Nn7njsGDu43KCsA0RQLkzgOHsmBxMRX2iloHzJkZ3gekmUmg3RAVyJ0ngb6IfRzCv1VBL_ozh2QV7AYcAAow3GTdUYG5QbVUvbeSsxqUkZyedmsm5GWYhP32e4UXs7u9J7FksE9UhZBpyIEhUH1eFA9ifSdphyLuEeyMHs26qc10TWR-z-x3GZlb31jWJNO0FFhlgQssYm9b6_yAklS1LkPzsf2QCcAyMq83fWgn_tMpAFC6D-hs51LVrPj2LIIXVO_QZTTK0ITDeHa2lSpvT1tpVwT7xo4ES7BjBiplYvrqk4w&cid=CAQSMgAvHhf_nE9bhQsAlALxtBwtTHKDzYu3FM5mkW31zcVMTi1r7qUrSVQs0AAwcxXMREeCGAE&exk=845569349&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:B1629E3FBCFC0899
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d27cdd06065a15594d1621ffe5b01dccd68cc0786ebbf056f61d2d5464dc4f9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 00:09:28 GMT
x-content-type-options
nosniff
age
122009
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15363
x-xss-protection
0
last-modified
Thu, 21 Dec 2023 06:53:49 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 01 Jan 2025 00:09:28 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 7C00 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSsE5v_MN4ssrYoU6BxnKug1FVwe5W1wK4AuYrSRkiaEqTkczp6IDDXA07yxA&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBko80AQuUNAERlDQBgZU0AXSWNAF2ljQBrZY0AeuWNAHOlzQB_Jc0Af-XNAEDmDQBCZg0ASSYNAGUmDQBpZg0AbSYNAG4mDQB45g0AeeYNAH0mDQB9pg0AQ6ZNAEWmTQBHJk0ASuZNAFJmTQBSpk0AUyZNAFOmTQBUZk0AVOZNAFhmTQBaJk0AXqZNAGDmTQBhpk0AUtzQQFTc0EBWjzaAakgXALf_ogC4_6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgJC-6oCPCOrAoQnqwJUKKsC-iurAlQwqwLUNqsCJTqrAik6qwItOqsCmDurAj1BqwIbRqsCNEirAmxKqwJgTqsCuE6rAvRQqwICUasCClGrApNVqwLsV6sCIFyrAhpxqwLvcasCsHKrAn5zqwLLdKsCF3erAhx3qwIhd6sCJXerAip3qwIIeasCUoCrAoaAqwKbgasCyoKrAoaDqwJihKsCKoarAnKHqwLtiasCnoqrAgOLqwK1i6sCFIyrAreMqwKYj6sCA5CrAgORqwIclqsC5pirAqmaqwLom6sCYZ-rAqqjqwJ8pKsCUKWrAnGlqwLeqKsCg6urAturqwJDrKsCZayrAvasqwJCrqsCe66rAjuvqwIUsasCYrKrAiCzqwJ4s6sCsbOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwIDtqsCN7arAuu2qwJkt6sCorerArS3qwIxuKsCIbmrAvm5qwJ9uqsCsbqrAhq7qwLVu6sCNLyrAkm8qwJPvKsCF72rAnq9qwI0vqsCle0FAzNe9wRAXvcEoniuBaR5rgUOeq4FmXuuBa17rgUHfK4FnLTFBTUDUwjC2KEO07n7EiHF-xJZyvsSmM37Envk-xLgEvwSPhX8EmsV_BJ5GPwS3Rr8Euwd_BL6HvwSGx_8Eluf6hRgouoU1PBZKA&awbid_c=AKAmf-DkeRddG6bRZ1p0Y9pKdF5n8PMlUB5OOR4rTcbrXzbGciUsIuhlbRTSs19vzDYlyyKauhjd3_W3S5_0jR4nJvh0FC7kRSKjLsXhAYuucq8J8BfXaYc0PjqN4LfDQ3JFSJiq_Dkjk3MFDQ9cuvaHV39fASUdQQTo-grxFU2pKZD4FxKUn7JLS2jclBMj9kYDOe-D0d-0jsAdmnmQbRulPvuD_IbvDzTK_g_Qcmjq_2Ck5Lor4FEzpSo9b_YlH1TN-moR2tr6cfOz-Pf564WR5zC0FVtOnbgq1WTPqyU0bkNSCD1HKOFRY4VdJXkn8bvx7fUM4r-AJsuMM6SNn8_RyMnIrbtWxVCpfgbYJgNnUnRNa1UD9y74BdbMbOjsw9qDBh3wjATIBIOTA7K7nWpqmkmMDov1fdISYxhYTjb5ZOOnf6r3q6w4jdPYsATEh9wr5LkKVBEQTqc0GSDyG-UM6GoxQ2NgebHFz63kdqWc76dvhryBQOrI6wt_uSixDgYzZ7ITwcp5yV4kpdOmFnlFWaxmB1OSSlwWfsO6UE7nvHMsmUV8RCpx-cKAuab-s1dvMTTa08Gj6wnvZzghGbn2BWyALESVRw&awbid_d=AKAmf-CJBPhC7KCgLAM7PS8vgntU2a3f-iC8IvxZaFfJ-3G8eZ_y1sFAeKByJinwH1aSITsVnUxpXLdfU5e_9F92APA_Ztpo2JGQO3oTso5c6ftDffE9XiJFv4c8G7h9w-wrXWJLxzdklyZogZmhQuAmbBZNXw_oLiYZZFqMHoI6LXQY0t4t6MvFqerRmiFyhQkGLyM1PykCZvKcrUOFhZUk19GK0_qnrrXCOLb_zw1tbAq5WED9Vix-aZRXfblSsSjzEo2kMkhGBOJhJFrqVTpo7vQgpfEumpQDKgl7gjPdZe8jwmeg2iuLmA3dRYfVK2-jgqCJ-lioBCzhCRrDWY3_feU65bWZn61L3bnkqXKVq1EMIQwa5IsnWAEr5iR3dsHRG_JpNL0tMoauWKf4nl7fZVb8ShVaDHwaA1CoNbfbuiauY5lyf-C3epJ56_rfsbt3WbQg9bN_K_5FvISoBWMMUdyAL4ATTbRJ8Zewdn1RaOKIjxedWTaNV4PDLR2N9XuzQXU428TFor2Inra5C3kiIs8FtkN4jFQe8ryE-F9viWiAoO7Z6gWFAaFTCVvgwKw8zMUOquVGYLMkq7WVemxNJePiAv_XIHF6L6-YBIcotafTslzLM0e-A4jBVAA4M5EajXs0Mkfo1T2bwSZSX6QC5XHNhpB-rTjI35dCaT13rQjhyWxjltPXXsKqaoSyV_ecOSYn-ZODIsG7JnZcxhVbec5em39CoKwWGiVOJcpHiY7eRWUdCsxJ0bL4OuCaOCZTXBNs7WzWvYjfP6hHZO7MR8ogu036mkt0pc2LrWFHX3nP_R0m12TfPmA7iwp7qOPJtzUvH-6Q6q_wbNrme-LVxM7so06r7H0y4aTlvXQAd4l4Rz_Nn7njsGDu43KCsA0RQLkzgOHsmBxMRX2iloHzJkZ3gekmUmg3RAVyJ0ngb6IfRzCv1VBL_ozh2QV7AYcAAow3GTdUYG5QbVUvbeSsxqUkZyedmsm5GWYhP32e4UXs7u9J7FksE9UhZBpyIEhUH1eFA9ifSdphyLuEeyMHs26qc10TWR-z-x3GZlb31jWJNO0FFhlgQssYm9b6_yAklS1LkPzsf2QCcAyMq83fWgn_tMpAFC6D-hs51LVrPj2LIIXVO_QZTTK0ITDeHa2lSpvT1tpVwT7xo4ES7BjBiplYvrqk4w&cid=CAQSMgAvHhf_nE9bhQsAlALxtBwtTHKDzYu3FM5mkW31zcVMTi1r7qUrSVQs0AAwcxXMREeCGAE&exk=845569349&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:B1629E3FBCFC0899
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4c52d6a0df9e992bbf6310f9d9ff6eaa91f3df36d5d2350867e0702e325ecec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 18:55:00 GMT
x-content-type-options
nosniff
age
227277
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25325
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 09:48:07 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 30 Dec 2024 18:55:00 GMT
3995853839924061625
tpc.googlesyndication.com/simgad/ Frame 7C00
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCat6zDHxCwCRiwCTIIZ7MB4_P2Swc
  • https://tpc.googlesyndication.com/simgad/3995853839924061625
77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3995853839924061625
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBko80AQuUNAERlDQBgZU0AXSWNAF2ljQBrZY0AeuWNAHOlzQB_Jc0Af-XNAEDmDQBCZg0ASSYNAGUmDQBpZg0AbSYNAG4mDQB45g0AeeYNAH0mDQB9pg0AQ6ZNAEWmTQBHJk0ASuZNAFJmTQBSpk0AUyZNAFOmTQBUZk0AVOZNAFhmTQBaJk0AXqZNAGDmTQBhpk0AUtzQQFTc0EBWjzaAakgXALf_ogC4_6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgJC-6oCPCOrAoQnqwJUKKsC-iurAlQwqwLUNqsCJTqrAik6qwItOqsCmDurAj1BqwIbRqsCNEirAmxKqwJgTqsCuE6rAvRQqwICUasCClGrApNVqwLsV6sCIFyrAhpxqwLvcasCsHKrAn5zqwLLdKsCF3erAhx3qwIhd6sCJXerAip3qwIIeasCUoCrAoaAqwKbgasCyoKrAoaDqwJihKsCKoarAnKHqwLtiasCnoqrAgOLqwK1i6sCFIyrAreMqwKYj6sCA5CrAgORqwIclqsC5pirAqmaqwLom6sCYZ-rAqqjqwJ8pKsCUKWrAnGlqwLeqKsCg6urAturqwJDrKsCZayrAvasqwJCrqsCe66rAjuvqwIUsasCYrKrAiCzqwJ4s6sCsbOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwIDtqsCN7arAuu2qwJkt6sCorerArS3qwIxuKsCIbmrAvm5qwJ9uqsCsbqrAhq7qwLVu6sCNLyrAkm8qwJPvKsCF72rAnq9qwI0vqsCle0FAzNe9wRAXvcEoniuBaR5rgUOeq4FmXuuBa17rgUHfK4FnLTFBTUDUwjC2KEO07n7EiHF-xJZyvsSmM37Envk-xLgEvwSPhX8EmsV_BJ5GPwS3Rr8Euwd_BL6HvwSGx_8Eluf6hRgouoU1PBZKA&awbid_c=AKAmf-DkeRddG6bRZ1p0Y9pKdF5n8PMlUB5OOR4rTcbrXzbGciUsIuhlbRTSs19vzDYlyyKauhjd3_W3S5_0jR4nJvh0FC7kRSKjLsXhAYuucq8J8BfXaYc0PjqN4LfDQ3JFSJiq_Dkjk3MFDQ9cuvaHV39fASUdQQTo-grxFU2pKZD4FxKUn7JLS2jclBMj9kYDOe-D0d-0jsAdmnmQbRulPvuD_IbvDzTK_g_Qcmjq_2Ck5Lor4FEzpSo9b_YlH1TN-moR2tr6cfOz-Pf564WR5zC0FVtOnbgq1WTPqyU0bkNSCD1HKOFRY4VdJXkn8bvx7fUM4r-AJsuMM6SNn8_RyMnIrbtWxVCpfgbYJgNnUnRNa1UD9y74BdbMbOjsw9qDBh3wjATIBIOTA7K7nWpqmkmMDov1fdISYxhYTjb5ZOOnf6r3q6w4jdPYsATEh9wr5LkKVBEQTqc0GSDyG-UM6GoxQ2NgebHFz63kdqWc76dvhryBQOrI6wt_uSixDgYzZ7ITwcp5yV4kpdOmFnlFWaxmB1OSSlwWfsO6UE7nvHMsmUV8RCpx-cKAuab-s1dvMTTa08Gj6wnvZzghGbn2BWyALESVRw&awbid_d=AKAmf-CJBPhC7KCgLAM7PS8vgntU2a3f-iC8IvxZaFfJ-3G8eZ_y1sFAeKByJinwH1aSITsVnUxpXLdfU5e_9F92APA_Ztpo2JGQO3oTso5c6ftDffE9XiJFv4c8G7h9w-wrXWJLxzdklyZogZmhQuAmbBZNXw_oLiYZZFqMHoI6LXQY0t4t6MvFqerRmiFyhQkGLyM1PykCZvKcrUOFhZUk19GK0_qnrrXCOLb_zw1tbAq5WED9Vix-aZRXfblSsSjzEo2kMkhGBOJhJFrqVTpo7vQgpfEumpQDKgl7gjPdZe8jwmeg2iuLmA3dRYfVK2-jgqCJ-lioBCzhCRrDWY3_feU65bWZn61L3bnkqXKVq1EMIQwa5IsnWAEr5iR3dsHRG_JpNL0tMoauWKf4nl7fZVb8ShVaDHwaA1CoNbfbuiauY5lyf-C3epJ56_rfsbt3WbQg9bN_K_5FvISoBWMMUdyAL4ATTbRJ8Zewdn1RaOKIjxedWTaNV4PDLR2N9XuzQXU428TFor2Inra5C3kiIs8FtkN4jFQe8ryE-F9viWiAoO7Z6gWFAaFTCVvgwKw8zMUOquVGYLMkq7WVemxNJePiAv_XIHF6L6-YBIcotafTslzLM0e-A4jBVAA4M5EajXs0Mkfo1T2bwSZSX6QC5XHNhpB-rTjI35dCaT13rQjhyWxjltPXXsKqaoSyV_ecOSYn-ZODIsG7JnZcxhVbec5em39CoKwWGiVOJcpHiY7eRWUdCsxJ0bL4OuCaOCZTXBNs7WzWvYjfP6hHZO7MR8ogu036mkt0pc2LrWFHX3nP_R0m12TfPmA7iwp7qOPJtzUvH-6Q6q_wbNrme-LVxM7so06r7H0y4aTlvXQAd4l4Rz_Nn7njsGDu43KCsA0RQLkzgOHsmBxMRX2iloHzJkZ3gekmUmg3RAVyJ0ngb6IfRzCv1VBL_ozh2QV7AYcAAow3GTdUYG5QbVUvbeSsxqUkZyedmsm5GWYhP32e4UXs7u9J7FksE9UhZBpyIEhUH1eFA9ifSdphyLuEeyMHs26qc10TWR-z-x3GZlb31jWJNO0FFhlgQssYm9b6_yAklS1LkPzsf2QCcAyMq83fWgn_tMpAFC6D-hs51LVrPj2LIIXVO_QZTTK0ITDeHa2lSpvT1tpVwT7xo4ES7BjBiplYvrqk4w&cid=CAQSMgAvHhf_nE9bhQsAlALxtBwtTHKDzYu3FM5mkW31zcVMTi1r7qUrSVQs0AAwcxXMREeCGAE&exk=845569349&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:B1629E3FBCFC0899
Protocol
H3
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 06:51:35 GMT
date
Tue, 02 Jan 2024 06:51:35 GMT
x-content-type-options
nosniff
age
97882
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79088
x-xss-protection
0
last-modified
Mon, 24 Apr 2023 17:15:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true

Redirect headers

date
Tue, 02 Jan 2024 16:08:52 GMT
x-content-type-options
nosniff
server
cafe
age
64445
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/3995853839924061625
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 01 Feb 2024 16:08:52 GMT
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame 83A8 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBxYM0AZKPNAELlDQBEZQ0AYGVNAF0ljQBdpY0Aa2WNAHrljQBzpc0AfyXNAH_lzQBA5g0AQmYNAEkmDQBlJg0AaWYNAG0mDQBuJg0AeOYNAHnmDQB9Jg0AfaYNAEOmTQBFpk0ARyZNAErmTQBSZk0AUqZNAFMmTQBTpk0AVGZNAFTmTQBYZk0AWiZNAF6mTQBg5k0AYaZNAFLc0EBU3NBAakgXAJX-4gCwP6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgIm-6oCQvuqAjwjqwKEJ6sCVCirAvorqwJUMKsC1DarAiU6qwIpOqsCLTqrApg7qwI9QasCG0arAjRIqwJsSqsCwk2rAmBOqwK4TqsC9FCrAgJRqwIKUasCk1WrAuxXqwIgXKsCGnGrAu9xqwKwcqsCfnOrAst0qwIXd6sCHHerAiF3qwIld6sCKnerArN4qwIIeasCUoCrAoaAqwKRgasCm4GrAsqCqwKGg6sCYoSrAiqGqwJzh6sC7YmrAp6KqwIDi6sCtYurAhSMqwK3jKsCl4-rAgOQqwIDkasCHJarAuaYqwLnm6sCqqOrAnykqwJQpasCcaWrAt6oqwKDq6sC26urAkOsqwJlrKsCgKyrAvasqwJCrqsCe66rAt-uqwI7r6sCFLGrAmKyqwIgs6sCeLOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwL4tasCA7arAje2qwLrtqsCZLerAoy3qwK0t6sCMbirAiG5qwL5uasCfbqrArG6qwIau6sC1burAjS8qwJJvKsCT7yrAhe9qwJ6vasCle0FAz9e9wSieK4FDnquBZV7rgWte64FB3yuBe18rgUTfa4FnLTFBTUDUwjwQtwJwtihDtO5-xIhxfsSWcr7EpjN-xJ75PsS4BL8Ej4V_BJrFfwSeRj8Et0a_BLsHfwS9R78Evoe_BJbn-oUYKLqFNTwWSg&awbid_c=AKAmf-A2I87P48SzhbkEICe3tDR2D1Rt84RALJtwl8WTXm1LJ7VeH2KX9QLX43fAIydQQCUpK34UnAWsnO5fMWTviZdCruFsd1zejxGeDHJmYqSwUQj0mmPbTBIxJb_YQfXapnGHdbbPEG-FrISYQoWT_Ny0pYQ7TOW4C9rKfuApoy2NOwLDB_qMOBczU2n8asKEhHI_Ws35iFmPgM0Gdim11KLesR9BTWmhzT2BIkSbwHZQGufD_s8SrxPi_gfkv95myiYu7bT1x32hlxb70Cu2x09MMaoJ_IVKIX8HaMC1tnF1ZIs7iUBA-qcPKg4bwLCfVM9l_Yp_2EUVVn44AHKAxW9cZV8E0J28V1ML2mDPJp-PtNG8eLoiEaqUgB_em4YTFrogDTBa5398VLXY3Vzs0TyO4_BKvLV6X2qhXzPV-NfME01hiChgNMt6U7bdnYt00cjuGqfinVwztal-kAxnH3VmTOkeHG3FFzXwp9Se20CxOiWV6oWlCHOblcxCwC71c4v5_5xnWbOtT9VRJYvCrtcozO-DlX-CYUclD00mUo9HdTUP1Pfd5OKsP-qG8EAaIp7pNePXW6EUSpJTrLxdQznN5QTeNA&awbid_d=AKAmf-DrUFKQGeKnNK09GkS57wfEUL9GU8O4XpnqzHiZVCHKFQ0DVVX15QKdoYgmnquGoQRswIGDkdWQJlvXnUFoVmhhzndIbyiIs_LbiNcJNIjzewZ-wEB2c0g3UBylmpanNh8QMNr0LwVeOR1iH9iIBQIGms5qfLXpXWUy5fUod8qz1029JZdMlcM6C0UUJ1uCnnBGXlheRqgwHDvwhkuy50MqbVs_jrkETkDEsCQMfHeABmP-1ZmW05P3h8PXNpJnlFigRiUnrqT6Yp9_2eJ1M76IyGO3uEKfFhpZ4_u5xoAtemEL_p9fq3dM3BZiH_zmueae8MXAHC6ybHv7QYueRgI9dvukhMUxSzcK24ZG7YMiQKLnDIkEWE2YJODZh_7HAwgfBXV1Q-nUsAm8kw6-XgCjQ1vQ-shXyPCc2UrlpVn-Az0c-BpULwvlQm_1GL0Vn4DE4uGZZYxh0JJmf23QOOxKhuQQn1odoreNC5W_kwnH--gxOOZX-mFERiF_Glkjno4V1xlpAJbJJeP7kWUATb7HS3p0Nm-bqDTKZQwiAKyHd3kyziWUpPDeHwBUb3atDIrHiMQJplmW6wgbdyDx0u06lp0fNGBTiV9-Jmg1jj5D2xYL9Uli_k0hQCP8DBCsRgVlUx-bfEXLHVW_lUnXqM5CUASMP3XtPK3hqOjNDM7yO9jdaMYKPtE5nWDhnvhej1ipKwb-WnggRRAV56JUHDPHKymzmWFe6mQGP1VB9dK3iqSorlQLukFHTBESSMZ3io1VqQnK7UEYqCo6fso9XGwCg0toffkqPkhgcHNZp6dnXhPXVYQcd4pRpg9aGhbbC7rtv7JoRL6m42cD3SqbxHd4Goh8Fj5fy3oxdkkhcQzJ2tVYns725SxvhW28YeGrXVhq17Ob2DWpyv9_G1yIsuBgpZbOU3xwQslomUBFuabSZJnT3d1KGplyl36Gfdz_1fEOpKQCsulYK6ytZ6ier2uryvJ9bmGQu0cYNZoFMFb-gszj0k2BfnWXNgRn7A679lek8MfTV7r3GNDH7o3fpcbxZMjuJjoan2mkQF0q9XKtiUpQJoMXFZgKlN6M3zfkCNPxkgc0UsUgOSk1HQraGyLyVo5bkztemPz-7bTZ1CtbEeMF8k2anm5XmNflf2EsmQU5YfEioSHJPwcg-oO1d2dUELya_g&cid=CAQSMgAvHhf_vXBHZueDjt__do0IiVI_FG6rsVHrwHJAOvLshrVo_GnL32sfcZ60MIFVvcz2GAE&exk=1450222521&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:9F7EB03574572A35
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:01:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
90065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Jan 2025 09:01:52 GMT
supply-feature
am-trc-events.taboola.com/editoraglobo-gq/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/editoraglobo-gq/log/3/supply-feature?route=AM:AM:V&tvi48=11657&tvi50=14761&lti=deflated&ri=cd873f6529ecfbaca8c20a7b7dcf26c7&sd=v2_66c1d9609ef3487f4843b597d5892b2c_3bf40a0b-b32a-4803-82b9-b1c2acb18847-tuctc8eb651_1704276177_1704276177_CIi3jgYQm_9JGOnjmvbMMSABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=3bf40a0b-b32a-4803-82b9-b1c2acb18847-tuctc8eb651&pi=/&wi=1560000493340960651&pt=home&vi=1704276177385&d=%7B%22event_type%22%3A%22END_OF_ARTICLE_MEASUREMENT%22%2C%22event_state%22%3A%22REPORTED%22%2C%22event_value%22%3A%22%7B%5C%22distance%5C%22%3A735.15625%2C%5C%22articleClasses%5C%22%3A%5C%22destaque-premium%20gq%5C%22%2C%5C%22articleTag%5C%22%3A%5C%22DIV%5C%22%2C%5C%22threshold%5C%22%3A%5C%22700%5C%22%7D%22%7D&tim=11%3A02%3A57.733&id=2256&llvl=2&cv=20240102-5-RELEASE&
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 03 Jan 2024 10:02:57 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/editoraglobo-gq/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/editoraglobo-gq/log/3/supply-feature?route=AM:AM:V&tvi48=11657&tvi50=14761&lti=deflated&ri=cd873f6529ecfbaca8c20a7b7dcf26c7&sd=v2_66c1d9609ef3487f4843b597d5892b2c_3bf40a0b-b32a-4803-82b9-b1c2acb18847-tuctc8eb651_1704276177_1704276177_CIi3jgYQm_9JGOnjmvbMMSABKAEwODib4wlAgooQSNzK2QNQ____________AVgAYABol9TM2v-Z45zBAXAA&ui=3bf40a0b-b32a-4803-82b9-b1c2acb18847-tuctc8eb651&pi=/&wi=1560000493340960651&pt=home&vi=1704276177385&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22735.15625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=11%3A02%3A57.735&id=9538&llvl=2&cv=20240102-5-RELEASE&
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 03 Jan 2024 10:02:57 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
truncated
/ Frame 7C00 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2c9bff51d490b1c2f56f31641fe0c2cf91d0f7cc8c39892ae844b2172801d42

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 7C00 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:10:14 GMT
x-content-type-options
nosniff
age
89563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 09:10:14 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 7C00 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 07:32:42 GMT
x-content-type-options
nosniff
age
95415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 07:32:42 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 7C00
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cu9hN0DCVZcGUKL7o1PIPg--s6Avu15OQdfLk47uLEWQQASC6vvAWYJXikIKgB6ABocCY8SjIAQmoAwHIA8uEgIAEqgTXAU_QXvhFqUnPNfCbMJ-pyeBrAT5uf_o4qMfVCvshQ5tVj3Bj4SI...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226059883817518596645%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%2225...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226059883817518596645%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2201-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22751603919404073793%22}&andc=true
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:57 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"6059883817518596645","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["01-03"],"6":["true"]},"priority":"500","source_event_id":"751603919404073793"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 03 Jan 2024 10:02:57 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 03 Jan 2024 10:02:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6059883817518596645","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"22":["true"],"4":["01-03"],"6":["true"]},"priority":"500","source_event_id":"751603919404073793"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 7766 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CnRpf0TCVZYi5B8OCgQeE96XAAqyZq7tchejk578LwI23ARABIABgleKQgqAHggEXY2EtcHViLTg4Mjg1ODcxNDk0NzM0MzfIAQngAgCoAwHIAwKqBO4BT9B26ulgX2XMoDk7RM5MWGsDI51pp8PMvqUyDQRG2MRyZeYWq-SVw7ncr5CGkMifByrqJC6tqZROJ6dOiCZIAMHK0ck4JZs3hq88DOjMoz6JN-SaqYS4jU16kFklZ_8MdN9h8Qb-93rgK7gUQ0y92ydf4s99xNShFFHy_nzs2_ro-TfKk6b40rN_0W21Nft2qw7JNr-jkgPu15EGREOvUes7sh-m18aFg3yvVWKn4nCUvkCUVGd6nzGHuCFEySxKihLapffgCaoK46HKDNLP-TuvPw_N2XWyH4PWoKsrWQSM13EPTPbwa--x2tjxRuAEAaAGlwGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYhrSIwfvAgwOACgP6CwIIAIAMAeINEwiL6IjB-8CDAxVDQeAKHYR7CSjQFQGAFwGyFxwKGhIUcHViLTg4Mjg1ODcxNDk0NzM0MzcY4fMg&sigh=m_ORWX7cN-o&uach_m=%5BUACH%5D&cbvp=2&vis=1
Requested by
Host: 28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
URL: https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.175.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-175-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 03 Jan 2024 10:02:57 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.175.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-175-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gq.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 03 Jan 2024 10:02:57 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame 6433 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=32227691&adsafe=medium&client=ca-pub-6579838053286784&format=970x250_as&ip=2001:ac8:20:271::&output=html&psd=W10%3D&unviewed_position_start=1&url=https://gq.globo.com/&sub_client=bidder-280390&hl=de&aceid=MCEdtABGWzQBko80AQuUNAERlDQBgZU0AXSWNAF2ljQBrZY0AeuWNAHOlzQB_Jc0Af-XNAEDmDQBCZg0ASSYNAGUmDQBpZg0AbSYNAG4mDQB45g0AeeYNAH0mDQB9pg0AQ6ZNAEWmTQBHJk0ASuZNAFJmTQBSpk0AUyZNAFOmTQBUZk0AVOZNAFhmTQBaJk0AXqZNAGDmTQBhpk0AUtzQQFTc0EBWjzaAakgXALf_ogC4_6IAg__iAIj_4gC4DmqAnlAqgInQqoCKEKqAilCqgIbRKoCQmSqArdlqgL9eKoCR4mqAoCbqgKBm6oCgpuqAqKoqgJ_zaoCD_GqAmb4qgJC-6oCPCOrAoQnqwJUKKsC-iurAlQwqwLUNqsCJTqrAik6qwItOqsCmDurAj1BqwIbRqsCNEirAmxKqwJgTqsCuE6rAvRQqwICUasCClGrApNVqwLsV6sCIFyrAhpxqwLvcasCsHKrAn5zqwLLdKsCF3erAhx3qwIhd6sCJXerAip3qwIIeasCUoCrAoaAqwKbgasCyoKrAoaDqwJihKsCKoarAnKHqwLtiasCnoqrAgOLqwK1i6sCFIyrAreMqwKYj6sCA5CrAgORqwIclqsC5pirAqmaqwLom6sCYZ-rAqqjqwJ8pKsCUKWrAnGlqwLeqKsCg6urAturqwJDrKsCZayrAvasqwJCrqsCe66rAjuvqwIUsasCYrKrAiCzqwJ4s6sCsbOrAuuzqwIWtKsCGrSrAiG0qwIltKsCKbSrAmW0qwIDtqsCN7arAuu2qwJkt6sCorerArS3qwIxuKsCIbmrAvm5qwJ9uqsCsbqrAhq7qwLVu6sCNLyrAkm8qwJPvKsCF72rAnq9qwI0vqsCle0FAzNe9wRAXvcEoniuBaR5rgUOeq4FmXuuBa17rgUHfK4FnLTFBTUDUwjC2KEO07n7EiHF-xJZyvsSmM37Envk-xLgEvwSPhX8EmsV_BJ5GPwS3Rr8Euwd_BL6HvwSGx_8Eluf6hRgouoU1PBZKA&awbid_c=AKAmf-DkeRddG6bRZ1p0Y9pKdF5n8PMlUB5OOR4rTcbrXzbGciUsIuhlbRTSs19vzDYlyyKauhjd3_W3S5_0jR4nJvh0FC7kRSKjLsXhAYuucq8J8BfXaYc0PjqN4LfDQ3JFSJiq_Dkjk3MFDQ9cuvaHV39fASUdQQTo-grxFU2pKZD4FxKUn7JLS2jclBMj9kYDOe-D0d-0jsAdmnmQbRulPvuD_IbvDzTK_g_Qcmjq_2Ck5Lor4FEzpSo9b_YlH1TN-moR2tr6cfOz-Pf564WR5zC0FVtOnbgq1WTPqyU0bkNSCD1HKOFRY4VdJXkn8bvx7fUM4r-AJsuMM6SNn8_RyMnIrbtWxVCpfgbYJgNnUnRNa1UD9y74BdbMbOjsw9qDBh3wjATIBIOTA7K7nWpqmkmMDov1fdISYxhYTjb5ZOOnf6r3q6w4jdPYsATEh9wr5LkKVBEQTqc0GSDyG-UM6GoxQ2NgebHFz63kdqWc76dvhryBQOrI6wt_uSixDgYzZ7ITwcp5yV4kpdOmFnlFWaxmB1OSSlwWfsO6UE7nvHMsmUV8RCpx-cKAuab-s1dvMTTa08Gj6wnvZzghGbn2BWyALESVRw&awbid_d=AKAmf-CJBPhC7KCgLAM7PS8vgntU2a3f-iC8IvxZaFfJ-3G8eZ_y1sFAeKByJinwH1aSITsVnUxpXLdfU5e_9F92APA_Ztpo2JGQO3oTso5c6ftDffE9XiJFv4c8G7h9w-wrXWJLxzdklyZogZmhQuAmbBZNXw_oLiYZZFqMHoI6LXQY0t4t6MvFqerRmiFyhQkGLyM1PykCZvKcrUOFhZUk19GK0_qnrrXCOLb_zw1tbAq5WED9Vix-aZRXfblSsSjzEo2kMkhGBOJhJFrqVTpo7vQgpfEumpQDKgl7gjPdZe8jwmeg2iuLmA3dRYfVK2-jgqCJ-lioBCzhCRrDWY3_feU65bWZn61L3bnkqXKVq1EMIQwa5IsnWAEr5iR3dsHRG_JpNL0tMoauWKf4nl7fZVb8ShVaDHwaA1CoNbfbuiauY5lyf-C3epJ56_rfsbt3WbQg9bN_K_5FvISoBWMMUdyAL4ATTbRJ8Zewdn1RaOKIjxedWTaNV4PDLR2N9XuzQXU428TFor2Inra5C3kiIs8FtkN4jFQe8ryE-F9viWiAoO7Z6gWFAaFTCVvgwKw8zMUOquVGYLMkq7WVemxNJePiAv_XIHF6L6-YBIcotafTslzLM0e-A4jBVAA4M5EajXs0Mkfo1T2bwSZSX6QC5XHNhpB-rTjI35dCaT13rQjhyWxjltPXXsKqaoSyV_ecOSYn-ZODIsG7JnZcxhVbec5em39CoKwWGiVOJcpHiY7eRWUdCsxJ0bL4OuCaOCZTXBNs7WzWvYjfP6hHZO7MR8ogu036mkt0pc2LrWFHX3nP_R0m12TfPmA7iwp7qOPJtzUvH-6Q6q_wbNrme-LVxM7so06r7H0y4aTlvXQAd4l4Rz_Nn7njsGDu43KCsA0RQLkzgOHsmBxMRX2iloHzJkZ3gekmUmg3RAVyJ0ngb6IfRzCv1VBL_ozh2QV7AYcAAow3GTdUYG5QbVUvbeSsxqUkZyedmsm5GWYhP32e4UXs7u9J7FksE9UhZBpyIEhUH1eFA9ifSdphyLuEeyMHs26qc10TWR-z-x3GZlb31jWJNO0FFhlgQssYm9b6_yAklS1LkPzsf2QCcAyMq83fWgn_tMpAFC6D-hs51LVrPj2LIIXVO_QZTTK0ITDeHa2lSpvT1tpVwT7xo4ES7BjBiplYvrqk4w&cid=CAQSMgAvHhf_nE9bhQsAlALxtBwtTHKDzYu3FM5mkW31zcVMTi1r7qUrSVQs0AAwcxXMREeCGAE&exk=845569349&rfl=https%3A%2F%2Fgq.globo.com%2F&a_pr=8:B1629E3FBCFC0899
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 09:01:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
90065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Jan 2025 09:01:52 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226059883817518596645%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%2222%22:[%22true%22],%224%22:[%2201-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22751603919404073793%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 03 Jan 2024 10:02:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.175.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-175-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gq.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 03 Jan 2024 10:02:57 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.175.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-175-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 03 Jan 2024 10:02:57 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
st
imprammp.taboola.com/ Frame 95CC 		577 B
452 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8SOICLAZIE_WkddA_lhOQJupJ66B_LC8AAABgYED8AIksV8PFZGFZazaT5Vo0cQ7WCs_ItlZOlouVyTjaDDcjIyCR5Wq4mCwsa81mslyLJs7BWuEZ2dbKyXKxMhlHm-FmZAUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYVaDodPte9Xue468x-i9-u8bv9cgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcM-ZuOLrvFdfkZ9BaDyGU5iB6ui8vyDwAAAAAgAAAAAEgAFPCelgBQ8ak48f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwMkYwtsR7YytYgUnBZhBEAAAAASaM6piOTdIKKRZX___9-KwBXAAACGJ2NZS2y6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqIgrJU2QCMWeml9AAIA1v4AAAGzGDQDAGwE4QScAVkchdsPZYDcZzJazAwAAAHDn____Xw-IzTaOkXM2WK5sntFwNzMNR5uJa7kbuYbLycSy8R4Suw38zZ2_iD4ZwjL7fQch3-0yPHwug6joelvsDqfZcz8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBmYjMNFoaJW-KZLNyi4WCzFk4mzrXEsbEsPBbHcDjarUWvj-ljXFlsq8UWCQaQ7EXytEgnGpNxt5nZVpPlymOzODwO48YyWPgmvpHHZpltfBOxRHOySCeyy7422zhGztlgubJ5RsPdzDQcbSau5W7kGi4nE8vG35nYTIOFYeKWeCYLt2g42KyFk4lzLXFsLAuPxTEcjnZr0etj-hhXFttqsW_sBqPJbrbY7faN3WA02c0Wu92-w2R6pj5no-1vTnl8utVtu7jZnAaFy2Dx_iSmxbQ7O3h-v6NTp34pizqj3-_3-_1-v9_v9xu0noPZoPDNzlGbMntLS6vphUFsMChiieAinahMTtPf8vCZ_Ra_W-e4iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_qOGGM3musFcsdjNdbNVAgAAAAAAAACwBNNMNwEAAABwMpjdarlbrdOB7GbD0WC1XAASf5u6gEEAAAAAAAB2VZjyuNwXnC4Wa-yxhzI5TX_Lw2f2W_xunePKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAAAgvg-IBgAAAAAAgF9BjHazxf4BqBBrtVrdbqzVagUsmNVit5rA____f4IAAAAAAAA5qQ!&cmcv=&pix=undefined&cb=1704276177998&uv=148127567&tms=1704276177998&abt=adxsub-out_vA!adxsub-out_vB!ufm!ul148127-567_vA&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=295812a2-3329-4b90-a3d6-9291ed84383d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4615cea73135743318a93521b0bb506f6b28217a54c8f2fd3cc3e4e448619959

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Wed, 03 Jan 2024 10:02:58 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230136-FRA
x-timer
S1704276178.003530,VS0,VE10
sync
am-match.taboola.com/ Frame 3976 		439 B
524 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8SOICLAZIE_WkddA_lhOQJupJ66B_LC8AAABgYED8AIksV8PFZGFZazaT5Vo0cQ7WCs_ItlZOlouVyTjaDDcjIyCR5Wq4mCwsa81mslyLJs7BWuEZ2dbKyXKxMhlHm-FmZAUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYVaDodPte9Xue468x-i9-u8bv9cgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcM-ZuOLrvFdfkZ9BaDyGU5iB6ui8vyDwAAAAAgAAAAAEgAFPCelgBQ8ak48f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwMkYwtsR7YytYgUnBZhBEAAAAASaM6piOTdIKKRZX___9-KwBXAAACGJ2NZS2y6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqIgrJU2QCMWeml9AAIA1v4AAAGzGDQDAGwE4QScAVkchdsPZYDcZzJazAwAAAHDn____Xw-IzTaOkXM2WK5sntFwNzMNR5uJa7kbuYbLycSy8R4Suw38zZ2_iD4ZwjL7fQch3-0yPHwug6joelvsDqfZcz8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBmYjMNFoaJW-KZLNyi4WCzFk4mzrXEsbEsPBbHcDjarUWvj-ljXFlsq8UWCQaQ7EXytEgnGpNxt5nZVpPlymOzODwO48YyWPgmvpHHZpltfBOxRHOySCeyy7422zhGztlgubJ5RsPdzDQcbSau5W7kGi4nE8vG35nYTIOFYeKWeCYLt2g42KyFk4lzLXFsLAuPxTEcjnZr0etj-hhXFttqsW_sBqPJbrbY7faN3WA02c0Wu92-w2R6pj5no-1vTnl8utVtu7jZnAaFy2Dx_iSmxbQ7O3h-v6NTp34pizqj3-_3-_1-v9_v9xu0noPZoPDNzlGbMntLS6vphUFsMChiieAinahMTtPf8vCZ_Ra_W-e4iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_qOGGM3musFcsdjNdbNVAgAAAAAAAACwBNNMNwEAAABwMpjdarlbrdOB7GbD0WC1XAASf5u6gEEAAAAAAAB2VZjyuNwXnC4Wa-yxhzI5TX_Lw2f2W_xunePKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAAAgvg-IBgAAAAAAgF9BjHazxf4BqBBrtVrdbqzVagUsmNVit5rA____f4IAAAAAAAA5qQ!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
bef005b225fbeb72fcd4d7674c38fe50c24a2b7a632ae5ae98cc13e54e091be8

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 03 Jan 2024 10:02:58 GMT
machineid
3408
server
nginx
cmOsUnit.css
vidstat.taboola.com/vpaid/units/148127_567/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/148127_567/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b9deac08511b98fa127fcf0d07e132b58d85b56662aabeafd82029d6257cdd2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-meta-mtime
1704270352
date
Wed, 03 Jan 2024 10:02:58 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
68GPFH1HX7F9BNM3
age
5768
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1704270352
x-amz-meta-mode
33188
content-length
7921
x-amz-id-2
HPsRlzFCYNspGVrnM7zvtgiz6tAE3bpSI30vHM8U1bai7cpPoxD952DtqSXW2pWiI3g1TmkJUeU=
x-served-by
cache-fra-eddf8230136-FRA
last-modified
Wed, 03 Jan 2024 08:25:53 GMT
server
AmazonS3-br
x-timer
S1704276178.007287,VS0,VE0
etag
"f7b7155f1c129d09779b1ec80bc9bb24"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
1276
cmTagWIDGET_ITEM.js
vidstat.taboola.com/vpaid/units/148127_567/infra/ 		378 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/148127_567/infra/cmTagWIDGET_ITEM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
586dceea85586a8d905372beba2a93c85b2696e8df4ff9623886b8ee412c5f34

Request headers

Referer
https://gq.globo.com/
Origin
https://gq.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-meta-mtime
1704270304
date
Wed, 03 Jan 2024 10:02:58 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
TGM8206ERES0X832
age
5767
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1704270305
x-amz-meta-mode
33188
content-length
87328
x-amz-id-2
Jxnwo9kjMANbz6iNWApVPiWCsAz6ZxZutC6BCrzP/H3OGmNOEQAEnAdXKJ2KZ7c/1r+J2jrnlDM=
x-served-by
cache-fra-eddf8230124-FRA
last-modified
Wed, 03 Jan 2024 08:25:06 GMT
server
AmazonS3-br
x-timer
S1704276178.020310,VS0,VE0
etag
"c6f9750a316dcadcaa85df28f0d0bcaf"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
360
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8SOICLAZIE_WkddA_lhOQJupJ66B_LC8AAABgYED8AIksV8PFZGFZazaT5Vo0cQ7WCs_ItlZOlouVyTjaDDcjIyCR5Wq4mCwsa81mslyLJs7BWuEZ2dbKyXKxMhlHm-FmZAUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYVaDodPte9Xue468x-i9-u8bv9cgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcM-ZuOLrvFdfkZ9BaDyGU5iB6ui8vyDwAAAAAgAAAAAEgAFPCelgBQ8ak48f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwMkYwtsR7YytYgUnBZhBEAAAAASaM6piOTdIKKRZX___9-KwBXAAACGJ2NZS2y6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqIgrJU2QCMWeml9AAIA1v4AAAGzGDQDAGwE4QScAVkchdsPZYDcZzJazAwAAAHDn____Xw-IzTaOkXM2WK5sntFwNzMNR5uJa7kbuYbLycSy8R4Suw38zZ2_iD4ZwjL7fQch3-0yPHwug6joelvsDqfZcz8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBmYjMNFoaJW-KZLNyi4WCzFk4mzrXEsbEsPBbHcDjarUWvj-ljXFlsq8UWCQaQ7EXytEgnGpNxt5nZVpPlymOzODwO48YyWPgmvpHHZpltfBOxRHOySCeyy7422zhGztlgubJ5RsPdzDQcbSau5W7kGi4nE8vG35nYTIOFYeKWeCYLt2g42KyFk4lzLXFsLAuPxTEcjnZr0etj-hhXFttqsW_sBqPJbrbY7faN3WA02c0Wu92-w2R6pj5no-1vTnl8utVtu7jZnAaFy2Dx_iSmxbQ7O3h-v6NTp34pizqj3-_3-_1-v9_v9xu0noPZoPDNzlGbMntLS6vphUFsMChiieAinahMTtPf8vCZ_Ra_W-e4iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_qOGGM3musFcsdjNdbNVAgAAAAAAAACwBNNMNwEAAABwMpjdarlbrdOB7GbD0WC1XAASf5u6gEEAAAAAAAB2VZjyuNwXnC4Wa-yxhzI5TX_Lw2f2W_xunePKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAAAgvg-IBgAAAAAAgF9BjHazxf4BqBBrtVrdbqzVagUsmNVit5rA____f4IAAAAAAAA5qQ!&cmcv=&pix=31589837&cb=1704276177998&uv=148127567&tms=1704276177998&abt=adxsub-out_vA!adxsub-out_vB!ufm!ul148127-567_vA&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1704276171301.1!ts:1704276177998&mntl=1
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:58 GMT
content-length
0
server
nginx
generic
match.adsrvr.org/track/cmf/ Frame 95CC 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8SOICLAZIE_WkddA_lhOQJupJ66B_LC8AAABgYED8AIksV8PFZGFZazaT5Vo0cQ7WCs_ItlZOlouVyTjaDDcjIyCR5Wq4mCwsa81mslyLJs7BWuEZ2dbKyXKxMhlHm-FmZAUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYVaDodPte9Xue468x-i9-u8bv9cgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcM-ZuOLrvFdfkZ9BaDyGU5iB6ui8vyDwAAAAAgAAAAAEgAFPCelgBQ8ak48f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwMkYwtsR7YytYgUnBZhBEAAAAASaM6piOTdIKKRZX___9-KwBXAAACGJ2NZS2y6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqIgrJU2QCMWeml9AAIA1v4AAAGzGDQDAGwE4QScAVkchdsPZYDcZzJazAwAAAHDn____Xw-IzTaOkXM2WK5sntFwNzMNR5uJa7kbuYbLycSy8R4Suw38zZ2_iD4ZwjL7fQch3-0yPHwug6joelvsDqfZcz8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBmYjMNFoaJW-KZLNyi4WCzFk4mzrXEsbEsPBbHcDjarUWvj-ljXFlsq8UWCQaQ7EXytEgnGpNxt5nZVpPlymOzODwO48YyWPgmvpHHZpltfBOxRHOySCeyy7422zhGztlgubJ5RsPdzDQcbSau5W7kGi4nE8vG35nYTIOFYeKWeCYLt2g42KyFk4lzLXFsLAuPxTEcjnZr0etj-hhXFttqsW_sBqPJbrbY7faN3WA02c0Wu92-w2R6pj5no-1vTnl8utVtu7jZnAaFy2Dx_iSmxbQ7O3h-v6NTp34pizqj3-_3-_1-v9_v9xu0noPZoPDNzlGbMntLS6vphUFsMChiieAinahMTtPf8vCZ_Ra_W-e4iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_qOGGM3musFcsdjNdbNVAgAAAAAAAACwBNNMNwEAAABwMpjdarlbrdOB7GbD0WC1XAASf5u6gEEAAAAAAAB2VZjyuNwXnC4Wa-yxhzI5TX_Lw2f2W_xunePKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAAAgvg-IBgAAAAAAgF9BjHazxf4BqBBrtVrdbqzVagUsmNVit5rA____f4IAAAAAAAA5qQ!&cmcv=&pix=undefined&cb=1704276177998&uv=148127567&tms=1704276177998&abt=adxsub-out_vA!adxsub-out_vB!ufm!ul148127-567_vA&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=295812a2-3329-4b90-a3d6-9291ed84383d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:58 GMT
server
Kestrel
content-length
70
content-type
image/gif
3bf40a0b-b32a-4803-82b9-b1c2acb18847-tuctc8eb651
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 95CC 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/3bf40a0b-b32a-4803-82b9-b1c2acb18847-tuctc8eb651?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8SOICLAZIE_WkddA_lhOQJupJ66B_LC8AAABgYED8AIksV8PFZGFZazaT5Vo0cQ7WCs_ItlZOlouVyTjaDDcjIyCR5Wq4mCwsa81mslyLJs7BWuEZ2dbKyXKxMhlHm-FmZAUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYVaDodPte9Xue468x-i9-u8bv9cgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcM-ZuOLrvFdfkZ9BaDyGU5iB6ui8vyDwAAAAAgAAAAAEgAFPCelgBQ8ak48f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwMkYwtsR7YytYgUnBZhBEAAAAASaM6piOTdIKKRZX___9-KwBXAAACGJ2NZS2y6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqIgrJU2QCMWeml9AAIA1v4AAAGzGDQDAGwE4QScAVkchdsPZYDcZzJazAwAAAHDn____Xw-IzTaOkXM2WK5sntFwNzMNR5uJa7kbuYbLycSy8R4Suw38zZ2_iD4ZwjL7fQch3-0yPHwug6joelvsDqfZcz8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBmYjMNFoaJW-KZLNyi4WCzFk4mzrXEsbEsPBbHcDjarUWvj-ljXFlsq8UWCQaQ7EXytEgnGpNxt5nZVpPlymOzODwO48YyWPgmvpHHZpltfBOxRHOySCeyy7422zhGztlgubJ5RsPdzDQcbSau5W7kGi4nE8vG35nYTIOFYeKWeCYLt2g42KyFk4lzLXFsLAuPxTEcjnZr0etj-hhXFttqsW_sBqPJbrbY7faN3WA02c0Wu92-w2R6pj5no-1vTnl8utVtu7jZnAaFy2Dx_iSmxbQ7O3h-v6NTp34pizqj3-_3-_1-v9_v9xu0noPZoPDNzlGbMntLS6vphUFsMChiieAinahMTtPf8vCZ_Ra_W-e4iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_qOGGM3musFcsdjNdbNVAgAAAAAAAACwBNNMNwEAAABwMpjdarlbrdOB7GbD0WC1XAASf5u6gEEAAAAAAAB2VZjyuNwXnC4Wa-yxhzI5TX_Lw2f2W_xunePKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAAAgvg-IBgAAAAAAgF9BjHazxf4BqBBrtVrdbqzVagUsmNVit5rA____f4IAAAAAAAA5qQ!&cmcv=&pix=undefined&cb=1704276177998&uv=148127567&tms=1704276177998&abt=adxsub-out_vA!adxsub-out_vB!ufm!ul148127-567_vA&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=295812a2-3329-4b90-a3d6-9291ed84383d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:4a2f:8181:9d4c:7740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usync.html
eus.rubiconproject.com/ Frame ABD6 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8SOICLAZIE_WkddA_lhOQJupJ66B_LC8AAABgYED8AIksV8PFZGFZazaT5Vo0cQ7WCs_ItlZOlouVyTjaDDcjIyCR5Wq4mCwsa81mslyLJs7BWuEZ2dbKyXKxMhlHm-FmZAUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYVaDodPte9Xue468x-i9-u8bv9cgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcM-ZuOLrvFdfkZ9BaDyGU5iB6ui8vyDwAAAAAgAAAAAEgAFPCelgBQ8ak48f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwMkYwtsR7YytYgUnBZhBEAAAAASaM6piOTdIKKRZX___9-KwBXAAACGJ2NZS2y6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqIgrJU2QCMWeml9AAIA1v4AAAGzGDQDAGwE4QScAVkchdsPZYDcZzJazAwAAAHDn____Xw-IzTaOkXM2WK5sntFwNzMNR5uJa7kbuYbLycSy8R4Suw38zZ2_iD4ZwjL7fQch3-0yPHwug6joelvsDqfZcz8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBmYjMNFoaJW-KZLNyi4WCzFk4mzrXEsbEsPBbHcDjarUWvj-ljXFlsq8UWCQaQ7EXytEgnGpNxt5nZVpPlymOzODwO48YyWPgmvpHHZpltfBOxRHOySCeyy7422zhGztlgubJ5RsPdzDQcbSau5W7kGi4nE8vG35nYTIOFYeKWeCYLt2g42KyFk4lzLXFsLAuPxTEcjnZr0etj-hhXFttqsW_sBqPJbrbY7faN3WA02c0Wu92-w2R6pj5no-1vTnl8utVtu7jZnAaFy2Dx_iSmxbQ7O3h-v6NTp34pizqj3-_3-_1-v9_v9xu0noPZoPDNzlGbMntLS6vphUFsMChiieAinahMTtPf8vCZ_Ra_W-e4iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_qOGGM3musFcsdjNdbNVAgAAAAAAAACwBNNMNwEAAABwMpjdarlbrdOB7GbD0WC1XAASf5u6gEEAAAAAAAB2VZjyuNwXnC4Wa-yxhzI5TX_Lw2f2W_xunePKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAAAgvg-IBgAAAAAAgF9BjHazxf4BqBBrtVrdbqzVagUsmNVit5rA____f4IAAAAAAAA5qQ!&cmcv=&pix=undefined&cb=1704276177998&uv=148127567&tms=1704276177998&abt=adxsub-out_vA!adxsub-out_vB!ufm!ul148127-567_vA&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=295812a2-3329-4b90-a3d6-9291ed84383d&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.82.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-82-37.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprammp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 03 Jan 2024 10:02:58 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 3976 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8SOICLAZIE_WkddA_lhOQJupJ66B_LC8AAABgYED8AIksV8PFZGFZazaT5Vo0cQ7WCs_ItlZOlouVyTjaDDcjIyCR5Wq4mCwsa81mslyLJs7BWuEZ2dbKyXKxMhlHm-FmZAUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYVaDodPte9Xue468x-i9-u8bv9cgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcM-ZuOLrvFdfkZ9BaDyGU5iB6ui8vyDwAAAAAgAAAAAEgAFPCelgBQ8ak48f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwMkYwtsR7YytYgUnBZhBEAAAAASaM6piOTdIKKRZX___9-KwBXAAACGJ2NZS2y6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqIgrJU2QCMWeml9AAIA1v4AAAGzGDQDAGwE4QScAVkchdsPZYDcZzJazAwAAAHDn____Xw-IzTaOkXM2WK5sntFwNzMNR5uJa7kbuYbLycSy8R4Suw38zZ2_iD4ZwjL7fQch3-0yPHwug6joelvsDqfZcz8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBmYjMNFoaJW-KZLNyi4WCzFk4mzrXEsbEsPBbHcDjarUWvj-ljXFlsq8UWCQaQ7EXytEgnGpNxt5nZVpPlymOzODwO48YyWPgmvpHHZpltfBOxRHOySCeyy7422zhGztlgubJ5RsPdzDQcbSau5W7kGi4nE8vG35nYTIOFYeKWeCYLt2g42KyFk4lzLXFsLAuPxTEcjnZr0etj-hhXFttqsW_sBqPJbrbY7faN3WA02c0Wu92-w2R6pj5no-1vTnl8utVtu7jZnAaFy2Dx_iSmxbQ7O3h-v6NTp34pizqj3-_3-_1-v9_v9xu0noPZoPDNzlGbMntLS6vphUFsMChiieAinahMTtPf8vCZ_Ra_W-e4iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_qOGGM3musFcsdjNdbNVAgAAAAAAAACwBNNMNwEAAABwMpjdarlbrdOB7GbD0WC1XAASf5u6gEEAAAAAAAB2VZjyuNwXnC4Wa-yxhzI5TX_Lw2f2W_xunePKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAAAgvg-IBgAAAAAAgF9BjHazxf4BqBBrtVrdbqzVagUsmNVit5rA____f4IAAAAAAAA5qQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:58 GMT
server
Kestrel
content-length
70
content-type
image/gif
3bf40a0b-b32a-4803-82b9-b1c2acb18847-tuctc8eb651
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 3976 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/3bf40a0b-b32a-4803-82b9-b1c2acb18847-tuctc8eb651?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8SOICLAZIE_WkddA_lhOQJupJ66B_LC8AAABgYED8AIksV8PFZGFZazaT5Vo0cQ7WCs_ItlZOlouVyTjaDDcjIyCR5Wq4mCwsa81mslyLJs7BWuEZ2dbKyXKxMhlHm-FmZAUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYVaDodPte9Xue468x-i9-u8bv9cgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcM-ZuOLrvFdfkZ9BaDyGU5iB6ui8vyDwAAAAAgAAAAAEgAFPCelgBQ8ak48f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwMkYwtsR7YytYgUnBZhBEAAAAASaM6piOTdIKKRZX___9-KwBXAAACGJ2NZS2y6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqIgrJU2QCMWeml9AAIA1v4AAAGzGDQDAGwE4QScAVkchdsPZYDcZzJazAwAAAHDn____Xw-IzTaOkXM2WK5sntFwNzMNR5uJa7kbuYbLycSy8R4Suw38zZ2_iD4ZwjL7fQch3-0yPHwug6joelvsDqfZcz8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBmYjMNFoaJW-KZLNyi4WCzFk4mzrXEsbEsPBbHcDjarUWvj-ljXFlsq8UWCQaQ7EXytEgnGpNxt5nZVpPlymOzODwO48YyWPgmvpHHZpltfBOxRHOySCeyy7422zhGztlgubJ5RsPdzDQcbSau5W7kGi4nE8vG35nYTIOFYeKWeCYLt2g42KyFk4lzLXFsLAuPxTEcjnZr0etj-hhXFttqsW_sBqPJbrbY7faN3WA02c0Wu92-w2R6pj5no-1vTnl8utVtu7jZnAaFy2Dx_iSmxbQ7O3h-v6NTp34pizqj3-_3-_1-v9_v9xu0noPZoPDNzlGbMntLS6vphUFsMChiieAinahMTtPf8vCZ_Ra_W-e4iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_qOGGM3musFcsdjNdbNVAgAAAAAAAACwBNNMNwEAAABwMpjdarlbrdOB7GbD0WC1XAASf5u6gEEAAAAAAAB2VZjyuNwXnC4Wa-yxhzI5TX_Lw2f2W_xunePKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAAAgvg-IBgAAAAAAgF9BjHazxf4BqBBrtVrdbqzVagUsmNVit5rA____f4IAAAAAAAA5qQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:4a2f:8181:9d4c:7740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame 3976 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8SOICLAZIE_WkddA_lhOQJupJ66B_LC8AAABgYED8AIksV8PFZGFZazaT5Vo0cQ7WCs_ItlZOlouVyTjaDDcjIyCR5Wq4mCwsa81mslyLJs7BWuEZ2dbKyXKxMhlHm-FmZAUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYVaDodPte9Xue468x-i9-u8bv9cgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcM-ZuOLrvFdfkZ9BaDyGU5iB6ui8vyDwAAAAAgAAAAAEgAFPCelgBQ8ak48f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwMkYwtsR7YytYgUnBZhBEAAAAASaM6piOTdIKKRZX___9-KwBXAAACGJ2NZS2y6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqIgrJU2QCMWeml9AAIA1v4AAAGzGDQDAGwE4QScAVkchdsPZYDcZzJazAwAAAHDn____Xw-IzTaOkXM2WK5sntFwNzMNR5uJa7kbuYbLycSy8R4Suw38zZ2_iD4ZwjL7fQch3-0yPHwug6joelvsDqfZcz8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBmYjMNFoaJW-KZLNyi4WCzFk4mzrXEsbEsPBbHcDjarUWvj-ljXFlsq8UWCQaQ7EXytEgnGpNxt5nZVpPlymOzODwO48YyWPgmvpHHZpltfBOxRHOySCeyy7422zhGztlgubJ5RsPdzDQcbSau5W7kGi4nE8vG35nYTIOFYeKWeCYLt2g42KyFk4lzLXFsLAuPxTEcjnZr0etj-hhXFttqsW_sBqPJbrbY7faN3WA02c0Wu92-w2R6pj5no-1vTnl8utVtu7jZnAaFy2Dx_iSmxbQ7O3h-v6NTp34pizqj3-_3-_1-v9_v9xu0noPZoPDNzlGbMntLS6vphUFsMChiieAinahMTtPf8vCZ_Ra_W-e4iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_qOGGM3musFcsdjNdbNVAgAAAAAAAACwBNNMNwEAAABwMpjdarlbrdOB7GbD0WC1XAASf5u6gEEAAAAAAAB2VZjyuNwXnC4Wa-yxhzI5TX_Lw2f2W_xunePKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAAAgvg-IBgAAAAAAgF9BjHazxf4BqBBrtVrdbqzVagUsmNVit5rA____f4IAAAAAAAA5qQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.js
eus.rubiconproject.com/ Frame ABD6 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.82.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-82-37.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa614642f7e3e6eab1f82e2fd370e94d6ab3816f94654f5a5b5917788b7930f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Wed, 03 Jan 2024 10:02:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Jan 2024 07:28:05 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=77078
Connection
keep-alive
Content-Length
13174
Expires
Thu, 04 Jan 2024 07:27:36 GMT
khaos.json
token.rubiconproject.com/ Frame ABD6 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
Expires
0
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.8.7/ 		429 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.7/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/148127_567/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9c6d25449dbf732a4eddc265e07b5af38ac04601e67666b218e4a3f7fa496628

Request headers

Referer
https://gq.globo.com/
Origin
https://gq.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-meta-mtime
1703930465
date
Wed, 03 Jan 2024 10:02:58 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
FG11Z4CTDNNY34XR
age
345644
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1703930477
x-amz-meta-mode
33188
content-length
82362
x-amz-id-2
eJZdF3w7Pm5qsrse4awPWjHRU0mOXqsYW/Zz4oBqssQq9hRX08OrnvciAghYdaE0Z440MZC8qOE=
x-served-by
cache-fra-eddf8230124-FRA
last-modified
Sat, 30 Dec 2023 10:01:18 GMT
server
AmazonS3-br
x-timer
S1704276178.112882,VS0,VE0
etag
"e54b3481947dc7240a4fe0a6967ddd39"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
20668
sync
am-match.taboola.com/ Frame 56DB 		439 B
524 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8SOICLAZIE_WkddA_lhOQJupJ66B_LC8AAABgYED8AIksV8PFZGFZazaT5Vo0cQ7WCs_ItlZOlouVyTjaDDcjIyCR5Wq4mCwsa81mslyLJs7BWuEZ2dbKyXKxMhlHm-FmZAUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYVaDodPte9Xue468x-i9-u8bv9cgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcM-ZuOLrvFdfkZ9BaDyGU5iB6ui8vyDwAAAAAgAAAAAEgAFPCelgBQ8ak48f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwMkYwtsR7YytYgUnBZhBEAAAAASaM6piOTdIKKRZX___9-KwBXAAACGJ2NZS2y6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqIgrJU2QCMWeml9AAIA1v4AAAGzGDQDAGwE4QScAVkchdsPZYDcZzJazAwAAAHDn____Xw-IzTaOkXM2WK5sntFwNzMNR5uJa7kbuYbLycSy8R4Suw38zZ2_iD4ZwjL7fQch3-0yPHwug6joelvsDqfZcz8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBmYjMNFoaJW-KZLNyi4WCzFk4mzrXEsbEsPBbHcDjarUWvj-ljXFlsq8UWCQaQ7EXytEgnGpNxt5nZVpPlymOzODwO48YyWPgmvpHHZpltfBOxRHOySCeyy7422zhGztlgubJ5RsPdzDQcbSau5W7kGi4nE8vG35nYTIOFYeKWeCYLt2g42KyFk4lzLXFsLAuPxTEcjnZr0etj-hhXFttqsW_sBqPJbrbY7faN3WA02c0Wu92-w2R6pj5no-1vTnl8utVtu7jZnAaFy2Dx_iSmxbQ7O3h-v6NTp34pizqj3-_3-_1-v9_v9xu0noPZoPDNzlGbMntLS6vphUFsMChiieAinahMTtPf8vCZ_Ra_W-e4iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_qOGGM3musFcsdjNdbNVAgAAAAAAAACwBNNMNwEAAABwMpjdarlbrdOB7GbD0WC1XAASf5u6gEEAAAAAAAB2VZjyuNwXnC4Wa-yxhzI5TX_Lw2f2W_xunePKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAAAgvg-IBgAAAAAAgF9BjHazxf4BqBBrtVrdbqzVagUsmNVit5rA____f4IAAAAAAAA5qQ!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/148127_567/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
bef005b225fbeb72fcd4d7674c38fe50c24a2b7a632ae5ae98cc13e54e091be8

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 03 Jan 2024 10:02:58 GMT
machineid
3407
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://gq.globo.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Wed, 03 Jan 2024 10:02:58 GMT
via
1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
WAW51-P3
age
1705914
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230136-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1704276178.128475,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits
5646
generic
match.adsrvr.org/track/cmf/ Frame 56DB 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8SOICLAZIE_WkddA_lhOQJupJ66B_LC8AAABgYED8AIksV8PFZGFZazaT5Vo0cQ7WCs_ItlZOlouVyTjaDDcjIyCR5Wq4mCwsa81mslyLJs7BWuEZ2dbKyXKxMhlHm-FmZAUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYVaDodPte9Xue468x-i9-u8bv9cgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcM-ZuOLrvFdfkZ9BaDyGU5iB6ui8vyDwAAAAAgAAAAAEgAFPCelgBQ8ak48f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwMkYwtsR7YytYgUnBZhBEAAAAASaM6piOTdIKKRZX___9-KwBXAAACGJ2NZS2y6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqIgrJU2QCMWeml9AAIA1v4AAAGzGDQDAGwE4QScAVkchdsPZYDcZzJazAwAAAHDn____Xw-IzTaOkXM2WK5sntFwNzMNR5uJa7kbuYbLycSy8R4Suw38zZ2_iD4ZwjL7fQch3-0yPHwug6joelvsDqfZcz8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBmYjMNFoaJW-KZLNyi4WCzFk4mzrXEsbEsPBbHcDjarUWvj-ljXFlsq8UWCQaQ7EXytEgnGpNxt5nZVpPlymOzODwO48YyWPgmvpHHZpltfBOxRHOySCeyy7422zhGztlgubJ5RsPdzDQcbSau5W7kGi4nE8vG35nYTIOFYeKWeCYLt2g42KyFk4lzLXFsLAuPxTEcjnZr0etj-hhXFttqsW_sBqPJbrbY7faN3WA02c0Wu92-w2R6pj5no-1vTnl8utVtu7jZnAaFy2Dx_iSmxbQ7O3h-v6NTp34pizqj3-_3-_1-v9_v9xu0noPZoPDNzlGbMntLS6vphUFsMChiieAinahMTtPf8vCZ_Ra_W-e4iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_qOGGM3musFcsdjNdbNVAgAAAAAAAACwBNNMNwEAAABwMpjdarlbrdOB7GbD0WC1XAASf5u6gEEAAAAAAAB2VZjyuNwXnC4Wa-yxhzI5TX_Lw2f2W_xunePKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAAAgvg-IBgAAAAAAgF9BjHazxf4BqBBrtVrdbqzVagUsmNVit5rA____f4IAAAAAAAA5qQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:58 GMT
server
Kestrel
content-length
70
content-type
image/gif
3bf40a0b-b32a-4803-82b9-b1c2acb18847-tuctc8eb651
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 56DB 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/3bf40a0b-b32a-4803-82b9-b1c2acb18847-tuctc8eb651?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8SOICLAZIE_WkddA_lhOQJupJ66B_LC8AAABgYED8AIksV8PFZGFZazaT5Vo0cQ7WCs_ItlZOlouVyTjaDDcjIyCR5Wq4mCwsa81mslyLJs7BWuEZ2dbKyXKxMhlHm-FmZAUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYVaDodPte9Xue468x-i9-u8bv9cgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcM-ZuOLrvFdfkZ9BaDyGU5iB6ui8vyDwAAAAAgAAAAAEgAFPCelgBQ8ak48f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwMkYwtsR7YytYgUnBZhBEAAAAASaM6piOTdIKKRZX___9-KwBXAAACGJ2NZS2y6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqIgrJU2QCMWeml9AAIA1v4AAAGzGDQDAGwE4QScAVkchdsPZYDcZzJazAwAAAHDn____Xw-IzTaOkXM2WK5sntFwNzMNR5uJa7kbuYbLycSy8R4Suw38zZ2_iD4ZwjL7fQch3-0yPHwug6joelvsDqfZcz8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBmYjMNFoaJW-KZLNyi4WCzFk4mzrXEsbEsPBbHcDjarUWvj-ljXFlsq8UWCQaQ7EXytEgnGpNxt5nZVpPlymOzODwO48YyWPgmvpHHZpltfBOxRHOySCeyy7422zhGztlgubJ5RsPdzDQcbSau5W7kGi4nE8vG35nYTIOFYeKWeCYLt2g42KyFk4lzLXFsLAuPxTEcjnZr0etj-hhXFttqsW_sBqPJbrbY7faN3WA02c0Wu92-w2R6pj5no-1vTnl8utVtu7jZnAaFy2Dx_iSmxbQ7O3h-v6NTp34pizqj3-_3-_1-v9_v9xu0noPZoPDNzlGbMntLS6vphUFsMChiieAinahMTtPf8vCZ_Ra_W-e4iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_qOGGM3musFcsdjNdbNVAgAAAAAAAACwBNNMNwEAAABwMpjdarlbrdOB7GbD0WC1XAASf5u6gEEAAAAAAAB2VZjyuNwXnC4Wa-yxhzI5TX_Lw2f2W_xunePKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAAAgvg-IBgAAAAAAgF9BjHazxf4BqBBrtVrdbqzVagUsmNVit5rA____f4IAAAAAAAA5qQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:4a2f:8181:9d4c:7740 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame 56DB 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8SOICLAZIE_WkddA_lhOQJupJ66B_LC8AAABgYED8AIksV8PFZGFZazaT5Vo0cQ7WCs_ItlZOlouVyTjaDDcjIyCR5Wq4mCwsa81mslyLJs7BWuEZ2dbKyXKxMhlHm-FmZAUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYVaDodPte9Xue468x-i9-u8bv9cgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcM-ZuOLrvFdfkZ9BaDyGU5iB6ui8vyDwAAAAAgAAAAAEgAFPCelgBQ8ak48f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwMkYwtsR7YytYgUnBZhBEAAAAASaM6piOTdIKKRZX___9-KwBXAAACGJ2NZS2y6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqIgrJU2QCMWeml9AAIA1v4AAAGzGDQDAGwE4QScAVkchdsPZYDcZzJazAwAAAHDn____Xw-IzTaOkXM2WK5sntFwNzMNR5uJa7kbuYbLycSy8R4Suw38zZ2_iD4ZwjL7fQch3-0yPHwug6joelvsDqfZcz8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBmYjMNFoaJW-KZLNyi4WCzFk4mzrXEsbEsPBbHcDjarUWvj-ljXFlsq8UWCQaQ7EXytEgnGpNxt5nZVpPlymOzODwO48YyWPgmvpHHZpltfBOxRHOySCeyy7422zhGztlgubJ5RsPdzDQcbSau5W7kGi4nE8vG35nYTIOFYeKWeCYLt2g42KyFk4lzLXFsLAuPxTEcjnZr0etj-hhXFttqsW_sBqPJbrbY7faN3WA02c0Wu92-w2R6pj5no-1vTnl8utVtu7jZnAaFy2Dx_iSmxbQ7O3h-v6NTp34pizqj3-_3-_1-v9_v9xu0noPZoPDNzlGbMntLS6vphUFsMChiieAinahMTtPf8vCZ_Ra_W-e4iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_qOGGM3musFcsdjNdbNVAgAAAAAAAACwBNNMNwEAAABwMpjdarlbrdOB7GbD0WC1XAASf5u6gEEAAAAAAAB2VZjyuNwXnC4Wa-yxhzI5TX_Lw2f2W_xunePKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAAAgvg-IBgAAAAAAgF9BjHazxf4BqBBrtVrdbqzVagUsmNVit5rA____f4IAAAAAAAA5qQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
923 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=368&height=207&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1704276178151&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1587&pt=990037180&tz=60&viewable=true&ddast=V8SOICLAZIE_WkddA_lhOQJupJ66B_LC8AAABgYED8AIksV8PFZGFZazaT5Vo0cQ7WCs_ItlZOlouVyTjaDDcjIyCR5Wq4mCwsa81mslyLJs7BWuEZ2dbKyXKxMhlHm-FmZAUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYVaDodPte9Xue468x-i9-u8bv9cgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcM-ZuOLrvFdfkZ9BaDyGU5iB6ui8vyDwAAAAAgAAAAAEgAFPCelgBQ8ak48f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwMkYwtsR7YytYgUnBZhBEAAAAASaM6piOTdIKKRZX___9-KwBXAAACGJ2NZS2y6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqIgrJU2QCMWeml9AAIA1v4AAAGzGDQDAGwE4QScAVkchdsPZYDcZzJazAwAAAHDn____Xw-IzTaOkXM2WK5sntFwNzMNR5uJa7kbuYbLycSy8R4Suw38zZ2_iD4ZwjL7fQch3-0yPHwug6joelvsDqfZcz8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBmYjMNFoaJW-KZLNyi4WCzFk4mzrXEsbEsPBbHcDjarUWvj-ljXFlsq8UWCQaQ7EXytEgnGpNxt5nZVpPlymOzODwO48YyWPgmvpHHZpltfBOxRHOySCeyy7422zhGztlgubJ5RsPdzDQcbSau5W7kGi4nE8vG35nYTIOFYeKWeCYLt2g42KyFk4lzLXFsLAuPxTEcjnZr0etj-hhXFttqsW_sBqPJbrbY7faN3WA02c0Wu92-w2R6pj5no-1vTnl8utVtu7jZnAaFy2Dx_iSmxbQ7O3h-v6NTp34pizqj3-_3-_1-v9_v9xu0noPZoPDNzlGbMntLS6vphUFsMChiieAinahMTtPf8vCZ_Ra_W-e4iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_qOGGM3musFcsdjNdbNVAgAAAAAAAACwBNNMNwEAAABwMpjdarlbrdOB7GbD0WC1XAASf5u6gEEAAAAAAAB2VZjyuNwXnC4Wa-yxhzI5TX_Lw2f2W_xunePKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAAAgvg-IBgAAAAAAgF9BjHazxf4BqBBrtVrdbqzVagUsmNVit5rA____f4IAAAAAAAA5qQ!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2768405&dpubid=375975&abtst=adxsub-out_vA!adxsub-out_vB!ufm_vA!ul148127-567_vA&mPre=0.033&cirf=https%3A%2F%2Fgq.globo.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
597a3bea205e2976b14b6d9af47e3fa9efb2adae6459434cd28f7c26fdcd0703

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Wed, 03 Jan 2024 10:02:58 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1417
x-cache
MISS
x-served-by
cache-fra-eddf8230136-FRA
pragma
no-cache
server
nginx
x-timer
S1704276178.238838,VS0,VE106
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
vast.aniview.com/api/adserver61/vast/ 		898 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.aniview.com/api/adserver61/vast/?AV_PUBLISHERID=621cca388ba47d78a102e506&AV_CHANNELID=62ce741fc6e4546c8d7def07&AV_URL=https%3A%2F%2Fgq.globo.com%2F&cb=R0.1704276178153&AV_WIDTH=368&AV_HEIGHT=207&AV_CCPA=1---&AV_SCHAIN=1.0,1!taboola.com,1212315,1,503209054,editoraglobo-gq,gq.globo.com&iiqpartner=755298539
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.7/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
23ba40cdadd1f5b8bed1bfa83b1bb1b39b6fc58692ffddff2176cfcaef6cd43f

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
text/plain

Response headers

x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
date
Wed, 03 Jan 2024 10:02:58 GMT
x-bamboo-wl-track
track1.aniview.com
content-length
565
pragma
no-cache
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-wl-player
https://player.aniview.com
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
x-bamboo-wl-serve
gov.aniview.com
access-control-allow-origin
https://gq.globo.com
content-type
text/xml
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Wed, 03 Jan 2024 10:02:58 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
5d12203f9c2c44c4e53ec62ce840f24451415eab8ea7efe7c4ee480a0e41cd68

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 03 Jan 2024 10:02:58 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://gq.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
tv4.min.js
s3.glbimg.com/cdn/libs/tv4/1.3.0/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/libs/tv4/1.3.0/tv4.min.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.83.2 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-83-2.prt.globo.com
Software
/
Resource Hash
e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:58 GMT
content-encoding
gzip
x-openstack-request-id
tx3bb872dbe8a142edad032-00654b5f6e
last-modified
Fri, 25 May 2018 14:11:50 GMT
x-thanos
0AB54009
vary
Accept-Encoding, Origin
content-type
application/javascript
x-timestamp
1527257509.32548
cache-control
public, max-age=31536000
x-trans-id
tx3bb872dbe8a142edad032-00654b5f6e
x-request-id
96a6bf7a-dc82-4bed-8c24-141c35ca4706
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		367 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dac9ce6b163b009d3fae39abc37e728afa2476e5dd0b5e5ac9480a9969fbbe6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128925
x-xss-protection
0
expires
Wed, 03 Jan 2024 10:02:58 GMT
cmAdService.js
vidstat.taboola.com/vpaid/units/148127_567/infra/ 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/148127_567/infra/cmAdService.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/148127_567/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1f11b524b2979da6fb9dba6c058478033c9f6fa88ad5b1063f601d82a07925e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-meta-mtime
1704270345
date
Wed, 03 Jan 2024 10:02:58 GMT
via
1.1 a51af242bb87a51c6b17ed13ee788db8.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P5
age
5768
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1704270346
x-amz-meta-mode
33188
content-length
11504
x-served-by
cache-fra-eddf8230136-FRA
last-modified
Wed, 03 Jan 2024 08:25:47 GMT
server
AmazonS3
x-timer
S1704276178.381822,VS0,VE0
etag
"f9dd1303716fc4c82224f25594abbaf5"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
hUtprlpcaJHS2GJoQKwKBfuLc1rqWBPxAccf4OuZmEZslt4EtZv92w==
x-cache-hits
1187
AVmanager.js
player.aniview.com/script/6.1/ Frame 5D67 		466 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.7/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14d7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
14e1fbd6edbe49c7614a7eaa6bf54e7cd098a1048c8eb21dfe24503ccc706745

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Wed, 03 Jan 2024 10:02:58 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ABPtcPr2NbXp_iGiCp9XE7Ap_u1G8xkVgwN7uMqbd1smMy2ITg5SsymTCggcHqrE-U1Mt3suxqxk28c5qg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Alt-Svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
136683
Last-Modified
Sun, 31 Dec 2023 08:44:23 GMT
Server
UploadServer
ETag
"67f53f4be2e3f4f69a0f96213d9ad638"
Vary
Accept-Encoding
x-goog-generation
1704012262877138
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
x-goog-hash
crc32c=6jnjTQ==, md5=Z/U/S+Lj9PaaD5YhPZrWOA==
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, no-transform, max-age=900
x-goog-stored-content-length
136683
Accept-Ranges
bytes
Expires
Wed, 03 Jan 2024 10:17:58 GMT
truncated
/ Frame 5D67 		194 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 5D67 		573 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 5D67 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 5D67 		528 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 5D67 		224 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 5D67 		306 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 5D67 		325 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 5D67 		398 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
/
gov.aniview.com/api/adserver/tag/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gov.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fgq.globo.com%2F&AV_CCPA=1---&AV_SCHAIN=1.0%2C1!taboola.com%2C1212315%2C1%2C503209054%2Ceditoraglobo-gq%2Cgq.globo.com&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=621cca388ba47d78a102e506&AV_CHANNELID=62ce741fc6e4546c8d7def07&tgt=1&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=[AVC_ABT]&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=gq.globo.com&AV_DADPOS=1&AV_GPID=/621cca388ba47d78a102e506/62ce741fc6e4546c8d7def07/gq.globo.com&d36=6.2.158&responsive=1&sver=4&avtoken=178545&omv=1.0.1&clsid=039644b1-fa50-457f-a346-81f01c40a8b5&rando=71&scnt=1&AV_WIDTH=368&AV_HEIGHT=207&AV_DNT=0&cb=1704276178548&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.0.146.5 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
820274c9386675d6237a86daaa2a517b1a33cd272f714718d078e095ccbbbafc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:59 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://gq.globo.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Fri, 22 Dec 2023 20:16:19 GMT
track
track1.aniview.com/ 		0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=gq.globo.com&sn=&ic=0&tgt=1&app=&wi=368&he=207&test=&d36=6.2.158&apppkg=&fv=1&proto=https&clsid=039644b1-fa50-457f-a346-81f01c40a8b5&rando=71&scnt=1&pid=621cca388ba47d78a102e506&cid=62ce741fc6e4546c8d7def07&stagid=&stplid=&e=inventory&vi=0&cb=1704276178547
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.186 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
schemas
horizon-schemas.globo.com/ 		153 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://horizon-schemas.globo.com/schemas
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.117 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-117.prt.globo.com
Software
/
Resource Hash
5e05e35e826701aeaeea6e6988b00afaf3aa5cc0b62e8c5f0280cee358410012

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:59 GMT
content-encoding
gzip
via
2.0 CachOS
x-bip
908338379 asra03mp05lx02ca08.globoi.com
age
5088
content-length
14725
x-request-id
ca200b0f-3834-4014-8407-5145209fb151
x-thanos
0AB0D094
vary
Accept-Encoding, X-Forwarded-Proto, Accept-Encoding, Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://gq.globo.com
cache-control
max-age=7200, public
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
user,User-Agent,Content-Type,GLBID,GLBUID,GST
bulk
trc.taboola.com/editoraglobo-gq/log/3/ 		0
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/editoraglobo-gq/log/3/bulk?tvi48=11657&tvi50=14761&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240102-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Wed, 03 Jan 2024 10:02:58 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7612
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230136-FRA
pragma
no-cache
server
nginx
x-timer
S1704276179.678648,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
state
api.permutive.com/v1.0/ 		0
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 03 Jan 2024 10:02:58 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Wed, 03 Jan 2024 10:02:58 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
21990
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230136-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1704276179.737859,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
79
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
5222
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 209D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1704276178889-172026010126-000418-008-000573%26biddername%3D1%26key%3D
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=137414
content-encoding
gzip
content-length
5622
content-type
text/html
date
Wed, 03 Jan 2024 10:02:59 GMT
expires
Fri, 05 Jan 2024 00:13:13 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cookiesyncendpoint
sync.aniview.com/ Frame 45B9
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1704276178889-172026010126-000418-008-000573%26bid...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=200&key=OPTOUT
0
45 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=200&key=OPTOUT
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Wed, 03 Jan 2024 10:02:59 GMT

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Wed, 03 Jan 2024 10:02:59 GMT
etag
OPTOUT
expires
0
location
https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=200&key=OPTOUT
pragma
no-cache
pixel
ap.lijit.com/ Frame 7175 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1704276178889-172026010126-000418-008-000573%26biddername%3D18%26key%3D%24UID
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Wed, 03 Jan 2024 10:02:59 GMT
X-Sovrn-Pod
ad_ap3ams1
usync.html
eus.rubiconproject.com/ Frame 5B58
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.82.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-82-37.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 03 Jan 2024 10:02:59 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 03 Jan 2024 10:02:59 GMT
location
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server
AkamaiGHost
cookiesyncendpoint
sync.aniview.com/ Frame 5216
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=1&gdpr_consent=&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1704276178889-172026010126-000418-008-000573%26biddername%3D105%26pid%3D59c9148...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1
0
224 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Wed, 03 Jan 2024 10:02:59 GMT

Redirect headers

cache-control
max-age=0, private, must-revalidate
content-length
0
date
Wed, 03 Jan 2024 10:02:58 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=105&pid=59c9148628a0612da3689288&key=&gdpr=1
server
envoy
x-envoy-upstream-service-time
1
cookiesyncendpoint
sync.aniview.com/ Frame 9C77
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3655&_fw_gdpr=1&_fw_gdpr_consent=
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=afe6ff1fa5d5beb149a31267aee6a25&_fw_gdpr=1&_fw_gdpr_consent=
0
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=afe6ff1fa5d5beb149a31267aee6a25&_fw_gdpr=1&_fw_gdpr_consent=
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Wed, 03 Jan 2024 10:02:59 GMT

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Date
Wed, 03 Jan 2024 10:02:59 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=afe6ff1fa5d5beb149a31267aee6a25&_fw_gdpr=1&_fw_gdpr_consent=
Pragma
no-cache
Server
nginx
x-sticky-vk
1704276179329045-431
auto-user-sync
ads.stickyadstv.com/ Frame DBA2 		43 B
579 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=1&_fw_gdpr_consent=
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:192:1::173 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Date
Wed, 03 Jan 2024 10:02:59 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
x-sticky-vk
1704276179284099-349
cookiesyncendpoint
sync.aniview.com/ Frame 85B9
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=aniview&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1704276178889-172026010126-000418-008-000573%26biddername%3D52%26key%3DBUYERUID
  • https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=52&key=ua-37950312-f46e-3370-8746-c68b82464bd4
0
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=52&key=ua-37950312-f46e-3370-8746-c68b82464bd4
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Wed, 03 Jan 2024 10:02:59 GMT

Redirect headers

cache-control
no-store
content-length
0
date
Wed, 03 Jan 2024 10:02:59 GMT
expires
0
location
https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=52&key=ua-37950312-f46e-3370-8746-c68b82464bd4
pragma
no-cache
cookiesyncendpoint
sync.aniview.com/ Frame 0FC8
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=B81743F7-B474-4C19-8479-8697021ABDD2&gdpr=1&gdpr_consent=&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1704276178889-172026010126-00...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=31&key=03a6c9b0cc6b44f389951dd3dfdbbc9f
0
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=31&key=03a6c9b0cc6b44f389951dd3dfdbbc9f
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Wed, 03 Jan 2024 10:02:59 GMT

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 03 Jan 2024 10:02:59 GMT
Keep-Alive
timeout=25
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=31&key=03a6c9b0cc6b44f389951dd3dfdbbc9f
Server
nginx
cm
u.openx.net/w/1.0/ Frame B5AC 		43 B
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=ec4c2ec9-18b8-454e-98be-3ee1e6bfea65&gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1704276178889-172026010126-000418-008-000573%26biddername%3D23%26key%3D
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-length
56
content-type
text/html
date
Wed, 03 Jan 2024 10:02:59 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame 3A21 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
sync
ups.analytics.yahoo.com/ups/58815/ Frame FD2E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58815/sync?redir=true&gdpr=1&gdpr_consent=
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
date
Wed, 03 Jan 2024 10:02:59 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.94
strict-transport-security
max-age=31536000
pixelSync
pixel-sync.sitescout.com/dmp/ Frame DF94 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=136&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fbiddername%3D215%26auid%3D1704276178889-172026010126-000418-008-000573%26gdpr%3D1%26gdpr_consent%3D%26ccpa%3D1---%26key%3D%7BuserId%7D
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0,no-cache,no-store
date
Wed, 03 Jan 2024 10:02:59 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
A
cookiesyncendpoint
sync.aniview.com/ Frame 201A
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1704276178889-172026010126-000418-008-000573%26biddername%3D55%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=55&key=5707612477931008559
0
260 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=55&key=5707612477931008559
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.182 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Wed, 03 Jan 2024 10:02:59 GMT

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
a999401f-4809-49c7-99b0-be509885b4e4
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Wed, 03 Jan 2024 10:02:59 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1704276178889-172026010126-000418-008-000573&biddername=55&key=5707612477931008559
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
146.70.117.76; 146.70.117.76; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
avpb8.21.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 5D67 		278 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14d7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
0d3adf1667c176f7c41d755cf6ecc6fbfdeb9c37102a78d4cb3f784864a7fc35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 03 Jan 2024 10:17:59 GMT
date
Wed, 03 Jan 2024 10:02:59 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPoUwvuO9xmRZsabWQf2GElX_BUnW3Sz2X0u6_7vOlSF8IOq0PXpXQ5IgQZonskWVsQ-fAoGIKSCyg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
88482
last-modified
Sun, 31 Dec 2023 08:44:23 GMT
server
UploadServer
etag
"0912ac205eaf808d0a52fd073cf60323"
vary
Accept-Encoding
x-goog-generation
1704012263189307
x-goog-hash
crc32c=a51GKg==, md5=CRKsIF6vgI0KUv0HPPYDIw==
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=900
x-goog-stored-content-length
88482
accept-ranges
bytes
quic-version
0x00000001
avpb8.21.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 5D67 		68 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0a0.js
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14d7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
88b5d3d3501a35e93441969a766d4cdf3d9f5d87d4534e13d1d7d64793cc6006

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 03 Jan 2024 10:17:59 GMT
date
Wed, 03 Jan 2024 10:02:59 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPp1vOhaFsUuzScIp8c5fnscuckI04H2m7EKu940HMtwFfc4nY1wtwP26Rb3UnMVNFAPdQXdr3OZBw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
23198
last-modified
Sun, 31 Dec 2023 08:44:23 GMT
server
UploadServer
etag
"b130ab6a4393b309f4373ecdd11ae335"
vary
Accept-Encoding
x-goog-generation
1704012262970669
x-goog-hash
crc32c=n6XFGQ==, md5=sTCrakOTswn0Nz7N0RrjNQ==
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=900
x-goog-stored-content-length
23198
accept-ranges
bytes
quic-version
0x00000001
avpb8.21.0a2.js
player.aniview.com/script/6.1/libs/prebid/ Frame 5D67 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0a2.js
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14d7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
ce4dab5b138ccbbb9742103a1dd9dc52cf3b13789027e4ea0e1821cd27c69a5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 03 Jan 2024 10:17:59 GMT
date
Wed, 03 Jan 2024 10:02:59 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPriMBfLHjMP8-SDJD45r47buLGqWiX5TttELhsEqELQT_pCHqsUNY5cVaecg2WOZyJvKA4WULZUBg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
21388
last-modified
Sun, 31 Dec 2023 08:44:23 GMT
server
UploadServer
etag
"2fbf4c96ef96c23eecda05a018d6ba3b"
vary
Accept-Encoding
x-goog-generation
1704012263003423
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=kWiSzw==, md5=L79Mlu+Wwj7s2gWgGNa6Ow==
access-control-expose-headers
Content-Type
cache-control
public, no-transform, max-age=900
x-goog-stored-content-length
21388
accept-ranges
bytes
quic-version
0x00000001
adv
grid.bidswitch.net/ 		60 B
358 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/adv?auid=381154&u=https%3A%2F%2Fgq.globo.com%2F&r=1704276178&gdpr=1&gdpr_consent=&bf=1.4725&cbb=4276179294
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?AV_PUBLISHERID=621cca388ba47d78a102e506
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.67.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-67-76.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d43319f37d6149f84a8b1c661b446b080d4ce518e7ead74776de1252cabbf3f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Wed, 03 Jan 2024 10:02:59 GMT
Server
nginx
Content-Type
text/xml; charset=UTF-8;
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
60
PugMaster
image6.pubmatic.com/AdServer/ Frame 209D 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=25680724&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1704276178889-172026010126-000418-008-000573%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:58 GMT
content-length
0
usync.js
eus.rubiconproject.com/ Frame 5B58 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.82.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-82-37.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa614642f7e3e6eab1f82e2fd370e94d6ab3816f94654f5a5b5917788b7930f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Wed, 03 Jan 2024 10:02:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Jan 2024 07:28:05 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=77077
Connection
keep-alive
Content-Length
13174
Expires
Thu, 04 Jan 2024 07:27:36 GMT
khaos.json
token.rubiconproject.com/ Frame 5B58 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
Expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gq.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://gq.globo.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 03 Jan 2024 10:02:59 GMT
prebidjs
rtb.openx.net/openrtbb/ Frame 5D67 		53 B
247 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
e5da5280ed72348b4248215a28229dfde619ce861841122d453d1810291d8bc0

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 03 Jan 2024 10:02:59 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://gq.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
unruly_prebid
targeting.unrulymedia.com/ Frame 5D67 		11 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://gq.globo.com
pragma
no-cache
date
Wed, 03 Jan 2024 10:02:59 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
11
content-type
application/json
sdk-runtime-config.js
buy.tinypass.com/api/v3/anon/assets/ 		266 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=VnaP3rYVKc
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:907e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11d31615ca8c55c13a434103484dc51d06dcaa295c5cad185757167d6241df1f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:02:59 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
8117
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Mindo6sNVca
wn
prod-dash-10-0-142-191
last-modified
Wed, 03 Jan 2024 07:47:42 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.004
cache-control
public, max-age=14400
cf-ray
83fa68cb1a555c32-FRA
expires
Wed, 03 Jan 2024 14:02:59 GMT
editoraglobo
horizon-track.globo.com/event/ 		0
385 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://horizon-track.globo.com/event/editoraglobo
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryazUSdmOVprRIFvKH

Response headers

date
Wed, 03 Jan 2024 10:03:00 GMT
x-served-from
hzt-tsuru
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://gq.globo.com
access-control-allow-credentials
true
access-control-allow-headers
user,User-Agent,Content-Type,GLBID,GLBUID,ADVERTISING_ID,EXT_ID,globoId
content-length
0
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:03:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 04 Jan 2024 10:03:00 GMT
publishertag.prebid.139.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gq.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 10:03:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 26 Oct 2023 13:53:27 GMT
server
nginx
etag
W/"653a6f57-17cae"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 04 Jan 2024 10:03:00 GMT
prebid
id5-sync.com/api/config/ Frame 5D67 		135 B
412 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
91d9858a3fbbbbb194b1de253ee64efccf4524e1f7289276deb4be8607995973
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://gq.globo.com
date
Wed, 03 Jan 2024 10:02:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
pbhid
id.hadron.ad.gt/api/v1/ Frame 5D67 		227 B
349 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=239&_it=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd3a4d8bf0c729b06a3dc960854b7cec069097c4447ac6ce4606a1d18d8dd9b9

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 03 Jan 2024 10:03:00 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
83fa68ce3f8a3a82-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
envelope
api.rlcdn.com/api/identity/ Frame 5D67 		44 B
349 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=105
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 03 Jan 2024 10:03:00 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://gq.globo.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pd
aniview-d.openx.net/w/1.0/ Frame 36D7 		199 B
202 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aniview-d.openx.net/w/1.0/pd
Requested by
Host: gq.globo.com
URL: https://gq.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
151
content-type
text/html
date
Wed, 03 Jan 2024 10:03:00 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
v1
lb.eu-1-id5-sync.com/lb/ Frame 5D67 		33 B
272 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
ca22ec36e96866d361361f15d48de6cc691c224e8da36514af0ab67f8b4964ba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://gq.globo.com
date
Wed, 03 Jan 2024 10:03:00 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
371.json
id5-sync.com/g/v2/ Frame 5D67 		251 B
529 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/371.json
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb8.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e45736138c5eec91413f6d5d6d44ceea36e54dec41d4dfd257a052dc11a853ba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://gq.globo.com
date
Wed, 03 Jan 2024 10:02:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgq.globo.com%2F&domain=gq.globo.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://gq.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 03 Jan 2024 10:03:01 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
212108
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
370 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fgq.globo.com%2F&domain=gq.globo.com&cw=1&pbt=1&lsw=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:03:01 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
243868
expires
0
usync.html
eus.rubiconproject.com/ Frame 1895 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.82.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-82-37.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 03 Jan 2024 10:03:01 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1F3B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://gq.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 03 Jan 2024 10:03:02 GMT
ETag
"623de86a-cf34"
Expires
Thu, 04 Jan 2024 10:03:04 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 1895 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.82.37 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-82-37.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fa614642f7e3e6eab1f82e2fd370e94d6ab3816f94654f5a5b5917788b7930f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Wed, 03 Jan 2024 10:03:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Jan 2024 07:28:05 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=77075
Connection
keep-alive
Content-Length
13174
Expires
Thu, 04 Jan 2024 07:27:36 GMT
khaos.json
token.rubiconproject.com/ Frame 1895 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
7d6e3b6fefbbeb4d018118d74243a2fc
Expires
0
async_usersync
ib.adnxs.com/ Frame 1F3B 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:03:02 GMT
an-x-request-uuid
f8a8eaee-e730-42ab-8012-5a9591d13758
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.117.76; 146.70.117.76; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.175.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-175-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 03 Jan 2024 10:03:02 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.175.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-175-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gq.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 03 Jan 2024 10:03:02 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.175.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-175-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 03 Jan 2024 10:03:02 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.175.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-175-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gq.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 03 Jan 2024 10:03:02 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.175.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-175-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 03 Jan 2024 10:03:02 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.175.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-175-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gq.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 03 Jan 2024 10:03:02 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1ZN2PMPQGQ&gtm=45je3bt0v884047758z8893114496&_p=1704276175390&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=320781341.1704276175&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1704276177&sct=1&seg=0&dl=https%3A%2F%2Fgq.globo.com%2F&dt=GQ%20%7C%20Seu%20Guia%20de%20Moda%20Masculina%2C%20Cultura%20e%20Lifestyle&_s=2&tfd=10994
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-1ZN2PMPQGQ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:03:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1F3B 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Jan 2024 10:03:03 GMT
an-x-request-uuid
eaa7e70f-faef-4616-9c5e-8ee589fb357d
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
146.70.117.76; 146.70.117.76; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
event
prebid-a.rubiconproject.com/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.175.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-175-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 03 Jan 2024 10:03:03 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
events
api.permutive.com/v2.0/batch/ 		101 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by
Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b94be39f481ee9df44f814484910ce7ce5f712e55c210a0d76ee162b3ac5fc03

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 03 Jan 2024 10:03:03 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://gq.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.175.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-175-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gq.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 03 Jan 2024 10:03:03 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
OpportunityServlet
am-vid-events.taboola.com/ 		1 B
118 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/148127_567/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://gq.globo.com
date
Wed, 03 Jan 2024 10:03:03 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
983 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=368&height=207&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1704276183155&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1587&pt=990037180&tz=60&viewable=true&ddast=V8SOICLAZIE_WkddA_lhOQJupJ66B_LC8AAABgYED8AIksV8PFZGFZazaT5Vo0cQ7WCs_ItlZOlouVyTjaDDcjIyCR5Wq4mCwsa81mslyLJs7BWuEZ2dbKyXKxMhlHm-FmZAUZwjL7fQch3-0yPHwug6joelvsDqfZ8wYVaDodPte9Xue468x-i9-u8bv9cgAAAADw4P___x8CAAAAQAQAAAAACQAAAAAUAir8WxC4AAAAAIDh____XwMAFAcM-ZuOLrvFdfkZ9BaDyGU5iB6ui8vyDwAAAAAgAAAAAEgAFPCelgBQ8ak48f________8fY4A-80bG_____w2DHgAPPgAehAAAAHwMkYwtsR7YytYgUnBZhBEAAAAASaM6piOTdIKKRZX___9-KwBXAAACGJ2NZS2y6A5KvIUBAAAAGLNAD4vfb3bYNX63y_z_________m_k_849GqIgrJU2QCMWeml9AAIA1v4AAAGzGDQDAGwE4QScAVkchdsPZYDcZzJazAwAAAHDn____Xw-IzTaOkXM2WK5sntFwNzMNR5uJa7kbuYbLycSy8R4Suw38zZ2_iD4ZwjL7fQch3-0yPHwug6joelvsDqfZcz8TthitJpPNcjhbLiaD4Wg4Gu3PQEwGAzQRg-VyMllMdqvRarQZ7kazwQIJxGCCKFo0mKxGo8liMlyNJqvZcrHbbRBFq1az0WYwXM0ms91uNRwMl6MRmrDFaDWZbJbD2XIxGQxHw9FoiGBmYjMNFoaJW-KZLNyi4WCzFk4mzrXEsbEsPBbHcDjarUWvj-ljXFlsq8UWCQaQ7EXytEgnGpNxt5nZVpPlymOzODwO48YyWPgmvpHHZpltfBOxRHOySCeyy7422zhGztlgubJ5RsPdzDQcbSau5W7kGi4nE8vG35nYTIOFYeKWeCYLt2g42KyFk4lzLXFsLAuPxTEcjnZr0etj-hhXFttqsW_sBqPJbrbY7faN3WA02c0Wu92-w2R6pj5no-1vTnl8utVtu7jZnAaFy2Dx_iSmxbQ7O3h-v6NTp34pizqj3-_3-_1-v9_v9xu0noPZoPDNzlGbMntLS6vphUFsMChiieAinahMTtPf8vCZ_Ra_W-e4iCVK00U60Rf9bpfh4XP5K2KJ4HSRToR-t8ui_qOGGM3musFcsdjNdbNVAgAAAAAAAACwBNNMNwEAAABwMpjdarlbrdOB7GbD0WC1XAASf5u6gEEAAAAAAAB2VZjyuNwXnC4Wa-yxhzI5TX_Lw2f2W_xunePKACTcRJlt9hlBrNVqWQMAABDABgAAEMBNN94EhFlx_____-MAAADIyKEHAAAgvg-IBgAAAAAAgF9BjHazxf4BqBBrtVrdbqzVagUsmNVit5rA____f4IAAAAAAAA5qQ!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2768405&dpubid=375975&abtst=adxsub-out_vA!adxsub-out_vB!ufm_vA!ul148127-567_vA&mPre=0.033&cirf=https%3A%2F%2Fgq.globo.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.7.5/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
597a3bea205e2976b14b6d9af47e3fa9efb2adae6459434cd28f7c26fdcd0703

Request headers

Referer
https://gq.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Wed, 03 Jan 2024 10:03:03 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1476
x-cache
MISS
x-served-by
cache-fra-eddf8230136-FRA
pragma
no-cache
server
nginx
x-timer
S1704276183.161944,VS0,VE32
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://gq.globo.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

432 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| documentPictureInPicture object| googletag object| utag_data object| cdaaas string| currentLocation object| pianoName string| nomeProdutoPiano string| ambienteUtilizadoPiano boolean| conteudoExclusivo boolean| semPaywall string| tipoConteudoPiano string| editoriaPath object| splitPath string| nomeEditoriaPiano string| nomeSubeditoriaPiano object| ggeac object| google_tag_data object| google_js_reporting_queue function| Glide object| linkTags object| header_data_globoid object| header_data_login_area_container object| oidcSettings string| gcomBarUseCustomUrl string| gcomBarcustomUrl string| gcomBarcustomUrlTitle string| gcomBarcustomUrlTitleColor number| autoplay object| SETTINGS_NEWSLETTER function| OneSignal object| WindowControl object| ScrollSpy object| localStorageCache object| glb function| stringStartsWith function| isArray function| extendObjs object| ajaxCache object| tinyBasket object| manageElementClasses object| viewportSize number| myInnerWidth number| myInnerHeight function| fnSpriteSvgSuccess object| regeneratorRuntime undefined| google_measure_js_timing number| __oneSignalSdkLoadCount function| __jp0 function| $ function| jQuery object| LGPD object| horizonResources object| pbjs function| bannerLazyLoading function| disableLazyLoad function| enableLazyLoad boolean| libPubReady object| webpackJsonp boolean| hasPaywall object| tp object| PaywallAnalytics object| tinyCpnt object| dataLayer object| Piano boolean| giftUrl object| responseVariables object| SWG object| swgEntitlements function| printTable object| editoraGloboAuthenticationLib function| comScore object| ns_p number| google_unique_id object| gaGlobal object| gui object| loadTimes function| convertRecAb object| pbjsChunk object| $jscomp function| __extends object| Horizon object| glb_realtime_map object| pvm object| BlockAdBlock object| blockAdBlock object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_146 object| Criteo object| Criteo_identitytag_146 object| google_tag_manager undefined| arrayGloboId object| GlobalIvcNamespace function| ivc object| bVejaMais undefined| observer undefined| config function| fbq function| _fbq boolean| isMobile number| tempo boolean| fixed object| publicidadeFixa object| jQuery18308403162415087269 object| n object| d object| _taboola function| renderBannerSemFilho function| renderBanner function| insertPubInImage object| MAP_POSITIONS function| renderPositions function| insertPubFloating object| COMMON_POSITIONS object| pubInText object| signal_decrypted function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion function| ___tp function| getCookie function| hasCookie function| removeOldVersionsFromStorage function| insertUserDataOnDataLayer function| insertUserDataOnStorage function| getGloboIdFromCookie function| getUserDataFromLocalStorage function| getUserDataFromUsergate function| finishEvent string| HORIZON_RECOMMENDATION function| insertHorizonRecommendation function| notifyHorizonRecommendation object| Snowplow function| setImmediate function| clearImmediate object| WM object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| cX object| PianoESPConfig object| glbBannersConsumer object| regrasTiny string| _GALimite string| _GAContagem boolean| executouPageview function| cxCCE_callQueueExecute object| cxTest boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx undefined| _tb_vpmd boolean| _tb_vautop function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| ari object| nvg13574 function| nvgGetSegment function| ltgc string| prmstr object| prmarr object| tmparr object| nvg_hosts object| naveggReady object| TTTagManager function| TTTagManagerError object| _ttq_ttGlobo function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| Ah object| _pm_mcg object| nvg46169 string| GoogleAnalyticsObject function| ga object| permutive object| apntag object| __permutive object| gaplugins function| onYouTubeIframeAPIReady object| pers undefined| cXJsonpCB1 object| gaData number| taboola_view_id object| libAnalytics boolean| libAnalyticsReady string| nam object| placementData boolean| _tb_vd_pg object| cmTag object| _cm_wfCounters object| webpackChunkadUnits function| Zepto object| Backbone function| startCMTagMain string| category function| OvaMediaPlayer string| lastWfUrl object| commonSignals function| commonTracker function| sendCommonHit object| WP3 object| WM_PLAYER_VIDEO_TAG_TEST_AUDIO object| WM_PLAYER_VIDEO_TAG_TEST_MUTE object| Clappr object| vttjs function| WebVTT object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| storageAni object| tv4 object| criteo_pubtag_prebid_139 object| Criteo_prebid_139

76 Cookies

Domain/Path Name / Value
id.globo.com/auth/realms/globo.com/ Name: AUTH_SESSION_ID
Value: e0133295-4a24-4e9a-8969-ad9b1da36e6e.mig-rhsso-cache-prod-68rv
id.globo.com/auth/realms/globo.com/ Name: AUTH_SESSION_ID_LEGACY
Value: e0133295-4a24-4e9a-8969-ad9b1da36e6e.mig-rhsso-cache-prod-68rv
.onesignal.com/ Name: __cf_bm
Value: 7AG1Z3KUq2wvkImoadlNW7QP8nmhzFDK98UP7.CP3dE-1704276173-1-AZhVxgQgX/qGJpC+HhSwxORFmwI6zejZj8OnKGN+UOftxG56NlqbFM3ykVj5oGbGWKXc85S00nNE7m0btlAprHU=
.globo.com/ Name: _pc_randomCookieForPiano
Value: cookieB
.globo.com/ Name: cookie-banner-consent-accepted
Value: false
.globo.com/ Name: pbjs_sharedId
Value: 4eb83484-7f2c-4885-a64c-f2068caab90b
.globo.com/ Name: pbjs_sharedId_cst
Value: zix7LPQsHA%3D%3D
.globo.com/ Name: __gads
Value: ID=7578e3e765b282b5:T=1704276175:RT=1704276175:S=ALNI_MYs4CQJE547s6oPP6TH0tNWcVpOeQ
.globo.com/ Name: __gpi
Value: UID=00000d362729911d:T=1704276175:RT=1704276175:S=ALNI_MbbSW8Z4owWHaJ6d4r79DwM8qCm9g
.doubleclick.net/ Name: IDE
Value: AHWqTUkbZtI6d66490a_ObqHudkGST7y1u51sp3oXGL-2YfcTS0hGYFZzLLktIhMDus
gq.globo.com/ Name: __adblocker
Value: false
.globo.com/ Name: lotame_domain_check
Value: globo.com
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 1ace40f4-7484-4fc0-ade2-3032e16ade31
.openx.net/ Name: i
Value: 15fb0513-df31-4e20-b655-e340b63dc841|1704276176
.globo.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIBYB2AVgDYAjDy4AmQVz4AOESIEc%2BAThABfIA
.globo.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22lqxm15ybpl823pq0%22%7D
.globo.com/ Name: _pcus
Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
gq.globo.com/ Name: __pnahc
Value: 0
gq.globo.com/ Name: _gada_ses.04d1
Value: *
gq.globo.com/ Name: _gada_id.04d1
Value: ab641ed3-c244-4782-944a-6e4e0aae56cb.1704276177.1.1704276177.1704276177.f09405b0-a14d-4f99-a398-0796b0ee6bde
gq.globo.com/ Name: privAu
Value: 0
.globo.com/ Name: cto_bundle
Value: yNI3vF9wM1N5WFhibTQ4UUtiQ0xIVW92aHVOZEtZME5zaXd6dFZVVFVsajB5T0FNTjIxUGpVWEVLNnpqTGRVZWp4Z2dFUnJsUkVZJTJCSWRVQ0hNTmQ0azYlMkZ6czFqV2xxb2R6YWRYTFMyZU9ZT1l4SnQ1aXg4WHN5U0tWTVBiSmFab3BDV3k1ZWlXQVpGeEpRZzJSNTY0RElXZVd3JTNEJTNE
.piano.io/ Name: __cf_bm
Value: qNCBlcdZ_jpEgBv97atHeuWUGrzRkcv_RN3fkTVdF2Y-1704276176-1-Ab2JsIDlZnoIsl6Yz4yEw89TQO0J+WUrvorha3jA71ZitfaqmB64xVzkgMrEPK1tJYMgQ8PHwRHe6KDive6iy8Q=
.globo.com/ Name: __tbc
Value: %7Bkpex%7DsqebxYZP_UPfbiCht34bqq2uvt192Q_l4bWIW5hBOrHOfe97V6sqLXT1dCNQV9W9
.globo.com/ Name: __pat
Value: -10800000
.globo.com/ Name: __pvi
Value: eyJpZCI6InYtbHF4bTE1eWZzZDlvM214YSIsImRvbWFpbiI6Ii5nbG9iby5jb20iLCJ0aW1lIjoxNzA0Mjc2MTc2Njg2fQ%3D%3D
.globo.com/ Name: xbc
Value: %7Bkpex%7DJIeQgw17rOE_tOn2gjQ03Phpj-3AYtLGch_JvDunklo1wXQyp1i0ffN2GKsZge5uzr75Kd2GXuy-J-PCkGVDwU_DKJganTbMUPYJng_0ybjaFw85S5Bq_ztgBENf4ztcLMAdI8ftechrIs1I8nABzEsdAkG4aXJ6_Z0CbA8j15KvfUKGnZFVmOTxfeVdODQTeRrBbNhC79VXikGLL4Ji3si_JRhXrc-JplcJtLYnyJ-bvBneONu1NJaWWhKiTe1og6BFVYjxk8pc1_IYQm81K5L0srEVn45GFyHCORxYNUf4_Wo4HjdJhQbdDHi0ONfF1S_iW6DAwLKM1GgI7OmoFY23-RkY50QrFtXnRokNAPUncyzZQC29MFwC87IYQrQT
.globo.com/ Name: _fbp
Value: fb.1.1704276176752.433927646
.adnxs.com/ Name: icu
Value: ChgIyN95EAoYASABKAEw0OHUrAY4AUABSAEQ0OHUrAYYAA..
.adnxs.com/ Name: uuid2
Value: 5707612477931008559
.tinypass.com/ Name: LANG
Value: en_US
.globo.com/ Name: cX_P
Value: lqxm15ybpl823pq0
.rubiconproject.com/ Name: khaos
Value: LQXM161L-J-HJ56
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qruWcVmnEyJjPsKGGM1eolu5vVtDhgOVUORoUZOq/XfJmWg+ZmNP3H8fwH28MUF8JszgHlbzd1OQOFl1BdYHuF4MSuBZa6T3a4ijy0RC4Zd8RuybVyVU0yt
.globo.com/ Name: kppid
Value: 1514536132516782237
.globo.com/ Name: hsid
Value: 115386f9-b8fd-477c-9a77-4d04218ce629
.tinypass.com/ Name: LANG_CHANGED
Value: en_US
.globo.com/ Name: nav13574
Value: 13ea4896ef7732cad2cfe4c1d910|2_4
.navdmp.com/ Name: nid
Value: 13ea4818f2b35e002cdf5901d910|0|33
.globo.com/ Name: nav46169
Value: 13ea4818f24f9d44fabfba593010|2_4
.cxense.com/ Name: gckp
Value: oaq36eago1f83lau82lvpg969
.globo.com/ Name: cX_G
Value: cx%3A1ttfe1z2nyouq23syqv8mqf9xi%3Awavr04vx778f
.globo.com/ Name: permutive-id
Value: 325d72dc-c28c-4b28-b8d6-e252c24b94f9
.krxd.net/ Name: _kuid_
Value: QA21Itnw
.globo.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.globo.com/ Name: _ga
Value: GA1.2.320781341.1704276175
.globo.com/ Name: _gid
Value: GA1.2.1190835761.1704276177
.globo.com/ Name: _dc_gtm_UA-21942769-1
Value: 1
.d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co/ Name: pxid
Value: 69aee23c-b51e-47f5-8f0a-81d1777671b2
.globo.com/ Name: GLBEXP
Value: 6rjGVbr3CZc7gBO1MkaJTidIpRa+0WCqOhUFTbbFOq8=
.globo.com/ Name: glb_uid
Value: eKj3udEhaaJNbPLtcfz9Zc_2l9toIT3Xek6z53r69KM=
.globo.com/ Name: _ga_1ZN2PMPQGQ
Value: GS1.1.1704276177.1.1.1704276177.0.0.0
gq.globo.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D3bf40a0b-b32a-4803-82b9-b1c2acb18847-tuctc8eb651
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2GVOsF17d!]tbP6j2F-XstGt!@DTp$fTKo
.googleadservices.com/ Name: ar_debug
Value: 1
.aniview.com/ Name: aniC
Value: 1704276178889-172026010126-000418-008-000573
prebid.a-mo.net/ Name: _Amc_b
Value: 0
.ads.stickyadstv.com/ Name: UID
Value: afe6ff1fa5d5beb149a31267aee6a25
.ads.stickyadstv.com/ Name: pxId
Value: 1953
.globo.com/ Name: _pubcid
Value: c3e91655-b608-4af4-8bb5-615bbc7f7ed6
.globo.com/ Name: _pubcid_cst
Value: zix7LPQsHA%3D%3D
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-37950312-f46e-3370-8746-c68b82464bd4
.aniview.com/ Name: 1_C_55
Value: 5707612477931008559
sync.aniview.com/ Name: 1_C_55
Value: 5707612477931008559
.aniview.com/ Name: 1_C_105
Value:
sync.aniview.com/ Name: 1_C_105
Value:
.aniview.com/ Name: 1_C_9
Value: afe6ff1fa5d5beb149a31267aee6a25
sync.aniview.com/ Name: 1_C_9
Value: afe6ff1fa5d5beb149a31267aee6a25
.aniview.com/ Name: 1_C_52
Value: ua-37950312-f46e-3370-8746-c68b82464bd4
sync.aniview.com/ Name: 1_C_52
Value: ua-37950312-f46e-3370-8746-c68b82464bd4
.aniview.com/ Name: 1_C_31
Value: 03a6c9b0cc6b44f389951dd3dfdbbc9f
sync.aniview.com/ Name: 1_C_31
Value: 03a6c9b0cc6b44f389951dd3dfdbbc9f
gq.globo.com/ Name: _lr_retry_request
Value: true
gq.globo.com/ Name: _lr_env_src_ats
Value: false
.globo.com/ Name: _hzt.interval
Value: 20000

11 Console Messages

Source Level URL
Text
rendering error URL: https://gq.globo.com/(Line 299)
Message:
Error: <svg> attribute width: Unexpected end of attribute. Expected length, "".
rendering error URL: https://gq.globo.com/(Line 299)
Message:
Error: <svg> attribute height: Unexpected end of attribute. Expected length, "".
rendering error URL: https://gq.globo.com/(Line 299)
Message:
Error: <rect> attribute width: Unexpected end of attribute. Expected length, "".
rendering error URL: https://gq.globo.com/(Line 299)
Message:
Error: <rect> attribute height: Unexpected end of attribute. Expected length, "".
network error URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://buy.tinypass.com/checkout/template/style.css
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://cdn.tinypass.com/api/tinypass.min.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://buy.tinypass.com') does not match the recipient window's origin ('https://gq.globo.com').
security error URL: https://cdn.tinypass.com/api/tinypass.min.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://buy.tinypass.com') does not match the recipient window's origin ('https://gq.globo.com').
network error URL: https://buy.tinypass.com/checkout/template/style.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://buy.tinypass.com/style.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=105
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

28197c958553d826b8fa1a2cec6f9a13.safeframe.googlesyndication.com
acdn.adnxs.com
ads.pubmatic.com
ads.rubiconproject.com
ads.stickyadstv.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ampcid.google.com
ampcid.google.de
aniview-d.openx.net
ap.lijit.com
api.permutive.com
api.rlcdn.com
barra.globo.com
bcp.crwdcntrl.net
beacon-ams3.rubiconproject.com
beacon.krxd.net
bidder.criteo.com
buy.tinypass.com
c2.piano.io
cdn.cxense.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.navdmp.com
cdn.onesignal.com
cdn.permutive.com
cdn.polyfill.io
cdn.prod.uidapi.com
cdn.taboola.com
cdn.tinypass.com
cdnjs.cloudflare.com
comcluster.cxense.com
connect.facebook.net
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
esp.rtbhouse.com
eus.rubiconproject.com
experience.tinypass.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gadasource.storage.googleapis.com
globo-ab.globo.com
go.trvdp.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gov.aniview.com
gq.globo.com
grid.bidswitch.net
gum.criteo.com
horizon-schemas.globo.com
horizon-track.globo.com
horizon.globo.com
ib.adnxs.com
id.cxense.com
id.globo.com
id.hadron.ad.gt
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
imprammp.taboola.com
inv-nets.admixer.net
invstatic101.creativecdn.com
ivccf.ivcbrasil.org.br
lb.eu-1-id5-sync.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onesignal.com
onetag-sys.com
p.glbimg.com
p1cluster.cxense.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
player.aniview.com
pm-widget.taboola.com
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.a-mo.net
prg.smartadserver.com
region1.google-analytics.com
rtb.openx.net
s.glbimg.com
s.seedtag.com
s0.2mdn.net
s2-gq.glbimg.com
s2.glbimg.com
s3.glbimg.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssp.disqus.com
static.criteo.net
static.infoglobo.com.br
stats.g.doubleclick.net
stg.truvidplayer.com
sync.1rx.io
sync.aniview.com
tag.navdmp.com
tags.crwdcntrl.net
tags.t.tailtarget.com
targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
trc.taboola.com
u.openx.net
ups.analytics.yahoo.com
usergate.globo.com
usr.navdmp.com
vast.aniview.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.npttech.com
141.226.228.48
141.95.98.64
142.250.185.130
143.204.215.39
145.40.97.66
151.101.65.44
162.19.138.117
164.132.25.176
167.235.124.59
173.0.146.5
18.158.175.190
18.239.18.88
18.239.83.91
185.64.190.78
186.192.81.117
186.192.83.2
186.192.91.5
186.192.91.9
2001:4860:4802:32::36
201.7.177.252
216.52.2.16
23.108.102.2
23.32.184.192
23.35.236.188
23.56.202.187
2600:9000:2127:d600:a:e047:753:a221
2602:803:c003:200::45
2602:803:c003:200::77
2606:4700:10::6816:3456
2606:4700:10::6816:445
2606:4700:3037::ac43:9bd7
2606:4700:4400::6812:29aa
2606:4700::6810:5614
2606:4700::6810:cf3
2606:4700::6811:180e
2606:4700::6811:7611
2606:4700::6811:c376
2606:4700::6812:907e
2606:4700::6812:d73b
2606:4700::6812:dff8
2607:ae80:192:1::173
2a00:1450:4001:800::200e
2a00:1450:4001:801::2001
2a00:1450:4001:802::200e
2a00:1450:4001:806::200e
2a00:1450:4001:808::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::201b
2a00:1450:4001:812::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9c
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:3500:11::215:14d7
2a02:26f0:3500:595::2c79
2a02:26f0:480:ba2::268b
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::282
2a05:d018:d29:3601:4a2f:8181:9d4c:7740
3.126.67.76
3.75.62.37
34.102.146.192
34.107.254.252
34.110.201.227
34.120.133.55
34.120.135.53
34.149.50.64
34.151.224.123
34.240.241.48
34.95.229.88
34.96.70.87
35.186.253.211
35.190.39.111
35.198.44.170
35.201.123.184
35.211.79.33
35.241.9.51
35.244.159.8
35.71.131.137
37.252.171.21
44.213.182.94
44.238.176.231
46.228.174.115
46.228.174.117
51.89.9.252
54.171.10.251
65.9.66.104
69.173.144.165
95.100.82.37
96.46.186.182
96.46.186.186
98.98.134.243
00cc63cd6ed4b645ed0a274e431628073d79150a2e0a3c20c5ab2685abc43c95
013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef
0152bd2a790c685e9094cfc5b087cfd6d96d3a233e99e4ce3badcff8a9e17854
0213165f17c942a002a9ab00385e768717b2a9ebe889cdb37f092d3bc7715f33
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
052af0d6073dae1bb637d84bfc04381c7e09a4731ac81eafff94daaf636d6f83
064a772ccd1d039c8b5a1f89c5127fd82c0f8d231d97abe44844a531b3640df6
06b2050ae62b0a1f9db2edf537cbd800a9b75915ba3a42e45573ffb0d9230599
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b2d8493e84e78752b5bbb607bd9f46e22dd3f48714dfa9795fbab8c93a90f8f
0d3adf1667c176f7c41d755cf6ecc6fbfdeb9c37102a78d4cb3f784864a7fc35
0dbf119554a41490b0f0a4c6c8a0a75e3d6a98bee44df012f8d4aee56fd950dd
0e9a85d9531e72c3a179a414fd5e5fbe3b9194b7ef05b5fbe7c44339a1794842
11d31615ca8c55c13a434103484dc51d06dcaa295c5cad185757167d6241df1f
126c5f0c8c4cd0135b5e9ffb1c113a6f229de3f89bce9e099b3c85bea641bd7c
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
1400784a68cb4eae097b868fb71f712ec7132ac92b3847eb48219e886c943d3e
14e1fbd6edbe49c7614a7eaa6bf54e7cd098a1048c8eb21dfe24503ccc706745
14f386f7c5c13cd3869ac5018708bbe38719848f6511636bd7cb3b8c51586cfe
15a2c119963d6bf7f267006258b5ee21f4c9515a368d3988bd9992e9324effc5
1643f549380aeab61b23502d9f260f7350d9c2bd34dbc3cb0af73644332b6ef5
171a128c043d930abdd29b98c54e26baa4c852db3404d78b948fe0ff948a4a19
19f7146cb68a9d8a25baa06a5aa87742aa1126df4eed16a75798436d61138118
1a1b53715d0f74ff408e5e723719b8c7bf96c3bff7869080855f8fa21750ebc3
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d00ab80903ea23ebb7a0ba54d171d39a76c6adf2f2710d454e9a33a8456e1f9
1df8f33d9a0c7df8972d38883573e4600dc53c15896c92e13ff7cb739f523b85
1fc6bdce7fc5b53e1bcf470f336f92be66319523572790401e50b00d1efdec92
210386e617b9dc6c08f6e7ac33b4339a900e42a48f8e19554f220db1bfb8f50c
216c8994eeb343b3588f234794df0cca8958d6c72b01b510b4156bc2d03a3840
223e97d3bb390ff95ac0ad68e06b3daf0eedc98943c49f54a3a262dc50f53280
238eeb96101f1e73565c05324065956a52decd037f8e42827f018fb50f754f62
23ba40cdadd1f5b8bed1bfa83b1bb1b39b6fc58692ffddff2176cfcaef6cd43f
23ccc2eb5ab2f26dc90911585b07893758e681dca2f83417457640c91a407fb9
24a671a8627b964ca6d1f8856204d86784f1dd59c230d1606e653e7af3c45653
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719
25c910144bbd855cafbae20f862026b800fb5e38d85f02c5370e62130c9c774c
25e74bc5bb422e694c46b0a0dbe5e34b7489560790b80c6467a539ae8b0fd458
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
26b8467b8a9815be53ea97cc234320137550289fbc8cdab9a1960bb21f728e25
283fc8755468ae18502e782c7e5f9c3a3bd1e726f870fefd3f3490609f65bca1
2af921f96b618475ba87948891bf844483be715971a4d4b69c4b596afd6c1691
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2da752fd10206a04902212cfbc3acb1d38d0fe932d1f43e3e223226b8375b550
2faeb72dc6c6dd034ad0fe3a1326105213eb42cc9fdde9560f645ee2dd1c4c2c
2fba4b98ccf67203f312371d0f0e4bbab645ccaea30d9cc90a80f0daefe1bfa5
30d0b1a3b116fe306de4d03f47099694dd243baaaf559c39aa95a3e6c95ce9a3
30fe2b25061c04e45888d4eccbe63e113ad09715a8ee40d87485f188a526aa2d
3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca
33b29629948cbdc114ae7d26b905d037bd1fa2b93f4a107ddd227cf78d9b4fa7
344a3f20ef266859578f11065f8834b44db13f7df3b2b4c66533c16241f22be5
351cc6c2876c759e858af234fcc3879499b44c2edb6f77807a6971fb6d55a2d6
387ae1140b5a04c2ed990b6290cd2f75ae96680ac56c736d44db4a54e9fa944b
38e66d18b8e584c2ec683f5c09f668a7fb4d4994b4e33a54f904151d9761d313
3a9a9405da89d4a9d225dd74b87b0011415b870ea2e8a5a239d369dde3c78bbf
3ac93fe8beb861cf87d45219d1846a359382bbb1605173dba9fa3c3f4f8dfe50
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
41bf4686e95c371d9a68dd5f0258dad3e3c881e4916170c5bc4c9e6818a2ac17
425c887bd8caee3ae355f251cb53649dd492f884523e1609ce4437ef70edc727
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
43aca9eaaa6979c0921402b48ea237e6ab903558a3a054b1f6366d3dfa230a0c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4615cea73135743318a93521b0bb506f6b28217a54c8f2fd3cc3e4e448619959
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
469de723997ce6eb57df3a495db1be8cac72b9b275afb849906ffb9f82aafcb1
46a6aaaf6df31d937c3a6e771f2b432359f715666c1d8f106c759eea4484e200
47a6f2faca095adfb6b040e84a6c1b18853adfe9f083339730c23e4d0393e1c7
47b5feca65868325015932c2e33e33efba99b962ffa3e0199be2711f4e3eba0e
47f0f7b5f1d27bc9c731cae83bf7a2ff5ef9ccd1b529976a9093ef6fae5868dc
487fc68fee1d36804c442c5bb0e1ad81e0d90b4efa5b205bb8d792244c4c0371
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49f25ffc5043a80b161f483349cf7cb392038d58216d16e40e34f2ea81c5dc18
4a27611ccc0fbc3ab700907de58105dea410633166202d4d4373bf79b675d428
4a798741ab5d1da30eb26d38311b6249de94034ccc610268901ef633098ad3e3
4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac
4c4cf15138949e4aa75df8077642b14c35debd3700d2416f89a7bb4f98aab8a4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5a8df78e43e83e6ca4b7af38833a508483d29e3c5332b7dc19a0ac9b27c692
4fc159c1f50afcd6c49797b8318566b5e413a5d855d9c14555bb200787cbf439
507acc179bfa7c929b83831d028f83b5fa85a02c9426588657ece1da51ae6b43
517564a648e52fcce073bcfa37badfba4c16249fc03f959eb73e46fa1e9e5e4d
5213346629f7c07797cbaf797c61d6f645633c7c0d175279ef8a40d47b6976e2
528b007d1713e20b372c2ee06521928a650fcc1a5c928c9c7468d02e341e248f
52e4b6d24bcbda905bd5e1701c6af6280763332dbb08b46310962331c8d478c9
54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5526de640b8a955cded2558243e36af335e7b0722c9ff1cc091d329b12a6eebd
557174b778c97e5db2db381022c13e3359f1753acba777932ce7cf732d32b110
55e355a0f86d6f7fe3b0b20bb64ea0f01c1a846f732cb38a7c89f07bfea8b6fb
5640ebdae015f7e5dc1092ca1e4d5272e957c89cf0bbbb95e98942e6cf5c3fdf
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
585ac96a5411bbc137440554c2c1ede75f336ca229e7dceec92554d53f65fa79
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
586dceea85586a8d905372beba2a93c85b2696e8df4ff9623886b8ee412c5f34
58a92be9689dd093a3a3e264cf3db88295e260759302b6f2fe4a17faf0299913
597a3bea205e2976b14b6d9af47e3fa9efb2adae6459434cd28f7c26fdcd0703
5ae725510297fb91c428a7669079926ad709f0526c39341d056611dbb2be4eb2
5afe98affdf49aa3bc7d6bf163f2bb26759f15df90322cb80e25b888d3afaa96
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5b5536f11666fcce98299b628a4838bd5b28934b117d17c293366d0045415019
5ba8dfb0a5da80cc2ed29adaffd0d1c9573662ae3a98868fe6410b0b309e5ad2
5c4eaa6a74eacf18f95554dd16022ef7c783a5c610685af054e25a175817ab34
5d12203f9c2c44c4e53ec62ce840f24451415eab8ea7efe7c4ee480a0e41cd68
5e05e35e826701aeaeea6e6988b00afaf3aa5cc0b62e8c5f0280cee358410012
5ed8a65164df74af30d20dc7b8971f90624f8549901fd1fe837485267b94a5d4
5f009281569fe8550876628a8c76448f2fbd281f9edd6a850355dd37c4b79c91
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
60f52d034d5da2c2451a148186beb02c2f464cfd53c5e8bf09c804d3ff1c6ce2
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
62023892994a076b2eca66194011febfcc294b8cd41084bd243bd97492f1c365
63b7f35b863accd55d7233b8134486a73a7e3158d420e50891fe05e171efe33c
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
6621912d07a2de8622885fddfd9a6ce5f5bdb3a0923d599fa2bd70982df19029
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6732dc12885ba1653a6811de4d54ee31ff63e370606bf9fc092f5fb6538c136d
68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463
690aff5fbae71df212e1b4d099cdf8e558048c8f78405ec71db1c58791c80d3d
6b37c75dbc0ad1368622265600d903b3cf22d7dc64e6bdd07959c4a88c0474e6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6f7b1b54c22724cc22a0a1770ea37a5bccb8564c2bfea871fbb6e726de85ddb0
6fc8c519813ae69ffb5c95d87821ffbc940db1a1a2070bdbfed21d0e53fc4991
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7
74ccedc8d6c9c1105474d8a0354ade4fd3ae65dfba1208a7a3b0c7e11bd7ea09
7546b016636f90591efb92a44259b3828aebc23685608ead248cba5af3216de7
758166e9b42e75b764bca7945de29c8295767c45cb446580474dd09554d9350a
775807392af29b7a91f1217ab6ed717ba35baaa024bdccc9273321f54ab51bb4
7759d6bdc3a7ab3ae2a3c19c724c3da402c3a2915151420b829776115e08c018
77a6e7584722f285dd6b3039728b6f1aab3948e60b4c26298600f1a5ee155bbb
798eccb7180ba9b3c6c872d6a5b618e3c8b345940448a8a49ed1fc7b3f614d16
7a282354be8e80edaa0b8c5bb56e3552d9e879386fcf656c89589ecd876a8795
7aa2e57f4d824a5a7c0300853c4f988be1d8b444030878c67ea16aab7dc12507
7c4a10dcc500424a1c3ecca481420214f32c060092dd12168ee38ac844fc2ac5
7f49ec0f2299c81c9104d1998f2f647822ec558764050246eded3b8a6a0f5708
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
810e30ed1b78cd1ece4262c601cd43372c766239e17baae3d6a89361851591e8
813d6b47814a757010a8ba6091e503dc97ac1391b93d7090538aadda7bc7cd85
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
820274c9386675d6237a86daaa2a517b1a33cd272f714718d078e095ccbbbafc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
853f89d8c03638382884ca2b33263ccb1756701fbab7f4a26a9f08da786b322f
854b8d9e537803c426ea2461ef169a2ae14d12f6962d109281f8d53946fea2b9
877c319b8a36e65249be764ce80ef3891edd45848ba3627b95c7499feb0be48d
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a
88b5d3d3501a35e93441969a766d4cdf3d9f5d87d4534e13d1d7d64793cc6006
8a37c7c21f5f3c55f2b593253aa222d8d0675b00f482e157fccb2a1a56e5d1c8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1abad13842cfce1f10ec038a49780b0c8889d90f314fd084e946536e043f1c
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ecc3827389f4c86cb8d5c5d3c5926d7e16268aaafef093ab3e124876e1f0813
8edd53767a5f64b92be33f2ecd85ff0873d98854bf380b0cdb12eb27171da81a
8fb13e7ff9b21f8833e49859d387eb09cd9b96608beaaae1152c1fd61514f5b4
91d9858a3fbbbbb194b1de253ee64efccf4524e1f7289276deb4be8607995973
9215fe6e610adb60ae16fb119294c2bd084fee105990f1424ddbf51e70720eeb
92837a1013b652516b57120f4111fbb03524064703ac7465f751cb36b4b1bb6c
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
93f45bd0df53776d65c03af696f72e8857a3049863b07852ba2998ecce3160a3
9404f378a176542a53e1824335ba817c91a37ae0d89ffe5d5ee43653afdb1a00
95035af12e7364165cfd8733ce106f01f5c40ec64b5d6b3cb033404e99eb2292
956bd91287fd5d85b711fd51418e53c6eeb3536134044ce39f67fb20938e160c
957471e69f25d4f4d19ff6810590d0019eb04044f56cc2fe09ab616bd02bbeb1
95a1096efa3a283ffce06c47df2e1e4133dc412aeef5412f3cd1ce0638bc0f07
961d2527913673b9488d10ca5f8ceb13ad768457a5918d1595b9fafbd8ad08a3
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
9804b64a5810b70bcfca114cd47bfd6609498c65e09e7b695f894a5b1f45f4e4
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9b2e90b07d3810e2e9b98f6c69fc6054e5720706ce8a56b93f768135a629b944
9c6d25449dbf732a4eddc265e07b5af38ac04601e67666b218e4a3f7fa496628
9de3a1865a3cd0812ee1e7450069142c501360c345cf2192efd56e665d60537c
9deb4d2f74ba2509252fa0666e569eca079f4be0c39577d9de580599b98c5318
9e4be079d0ef930f299a9b5da6770250f0891de375c039496e80cbc5f7a41575
9e7246e5b43cf659bff57f2df76a526e18ea79572ee699879a6a2b7a8fe88cc1
9f87f3127514fd7faf0efe9ccea74308f11aef1e7cf2c7e0905498aa3c43f6b4
a03b95106083a9a0c3e7797983627487d10cc59a1a4d5b576aecb19464d9fc5a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a12562c133614c0b6e2675cb1b4d617d63d0690aa2fb28fa83b37e1356b301ac
a2e27abb6b7eb21d99d37021c1100f2c6fdbc12eff318e61392211381bcf95af
a3d802214cdaf6276aa13b5b161820bbc80660cf9429124233334b07a2d7978e
a4f898c86b3afdc277ff3d2af3640e01239a5fe8c1d481cb6fd0e34bb3e225f3
a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5db7b0db2ef6df2f6f99f9ffaf86097828fa49df1a6dbeec87267f8e8ca36bc
a5fb71968c62c1e84aebf36c57c13a32cd43d2962a231708a5b0f8a1273d95ab
a9b43c701203c11d43f48787fab247fc99267fb902710f0199b448286ba7ab93
a9befdc12d53f6746e5f6b97072109af0ec9c71bdd6517cc5199c2b1d295d616
ac9a19e1c87802a0542f754d3786bc70681cda30eafd9d204f293bff57fe0ca1
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
adfb1ea6d98241db3c29f5ba2259616477b5d2ca909044c08b97ea8b16ab91c9
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b060117282dbdaf1b1de16797bc69472778b30c2615492f0c9bf25af6105d1ee
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b6a09251dfdb96bb8a73aeabee416131dfe2a4410bccfaa2f4d089a6642051
b30e332b569a4d1d3e934db078b1548179ceb8de1c861f521f7c9f8c46433501
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b496fae0bf22e95b2ff8eb5477cb418c118245ac7e9a042dc5bac4a59e7ec249
b4a0a02f61301af57fa96ac6302fc3623adc60c1e151c77054fa87c97704b25a
b5f80ba474cd2d942d8f30e1777b370382de7abc4a142d0e346cb2e2575f7138
b700933725d868156ed61a12e2b4a504e6c9f5c2b234a7330a6a41407c7f35ba
b780e13bb7d2087bc3eb60588f4bdc2c58305ad272f0b682834d5954a1797852
b7a00c9d4dabb90adc79877ff34fc831de5393a7b938e1f4f7c3325cbdbd6e87
b81ad1210bf4276e2651563c487f1116410f97232fcf37a85c09dffa25edda2e
b94be39f481ee9df44f814484910ce7ce5f712e55c210a0d76ee162b3ac5fc03
b9deac08511b98fa127fcf0d07e132b58d85b56662aabeafd82029d6257cdd2f
baa1e321fd815ef7c8bec6e9daa2ef002aadb656cc27cfdf6661dfdac33e0cda
bca8a0a2ebdbd0bfa7cb24d673bc5a49dd48fbab972742cbb875651a74cfe6ad
bd3a4d8bf0c729b06a3dc960854b7cec069097c4447ac6ce4606a1d18d8dd9b9
bdd8a03d4f991abc68b26860acf789b9ab8b01bdb33b59a9f5861e68ca07f6b1
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
beade67a5ba184743b37e74ec960a1ce88b5f8e775b7b1032a29e55a89689c4b
bef005b225fbeb72fcd4d7674c38fe50c24a2b7a632ae5ae98cc13e54e091be8
bf1d0703849876e90ce5895df5b2226be27b18d74ecebdd4841fb784fd82d3c3
c024a500b6884e87cb923bdfab0b6303d5130c87bd4e00612ea410613e765faf
c0481712fe5bae84f1b02cc375afad77dc9e141437602c3a0717739654e9a003
c0dfa41b2d4fa3807f0af808f79cfbad0375d767bbded26906bdefac0724a6a7
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c1f11b524b2979da6fb9dba6c058478033c9f6fa88ad5b1063f601d82a07925e
c2406e05a30a7a5d4afe4e7154f3cfa0b859de69aca0b52c88eae016f0ca1075
c2c9bff51d490b1c2f56f31641fe0c2cf91d0f7cc8c39892ae844b2172801d42
c4eba1dc71e28457f655d97a4b5882afc4cc977f94c2c9e508adb11ac7d325e2
c637bc70cc671cda4cc4885f7b5f53537f9ded298f7ddcb6a784ca244606f0ea
c7b77034ef83570174a337a5452ec92a4de44f3381d122523fc30d62aed8ea7d
c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b
ca22ec36e96866d361361f15d48de6cc691c224e8da36514af0ab67f8b4964ba
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cdbe9b84c30a00229826b0b1e354c94d36dd6bf16e6580bbef43877689c8f5bb
ce0e7b8835e0262312af0aa3f780503b5a18f7def6196ba2c17885df343adbff
ce4dab5b138ccbbb9742103a1dd9dc52cf3b13789027e4ea0e1821cd27c69a5b
cede6b4d3db7dfd01d7d6e9bf322105ac466e167be6ca281e9ac500b1f302194
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
cfc04e586c24e742d4778659627dee624f376a809572ee27dc9ee5f861e57ca5
d01b2cf5b15e8ea0ef57c0ccc66a390b354d8dbc11410035fb73eb12ab3ee514
d12c00ca59622952f1c4364f911b58b69eac24889b3adf4510a70e32ae6d2c97
d130a4cf6261f982a97d3b4bcbfe2c9732e59ca6fd39418c21b9fbb6c77db830
d223768c8c211c108349645cb062a9dcdb5456e9abc8c6a36eb06366db6fbd5a
d27cdd06065a15594d1621ffe5b01dccd68cc0786ebbf056f61d2d5464dc4f9f
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d324e696d8eff869aba1a11fb57ee5ff41d486c1f4c0a4c41e70c705e8194cbd
d43319f37d6149f84a8b1c661b446b080d4ce518e7ead74776de1252cabbf3f1
d594a2febde39c78c4e26b9c11758c6c25eb848eaa767477d340473bf4f8969d
d5d9331c6e3f64d37a293a56c8e953b79b163d59405d633f7c79b346f849e450
d6c7e6ad800fb94afd9cfaf6dd1ff4f2022b21cd80b4cda59cda258730ee86d1
d750b4aef52ee08041bd9f344a4899b4187dcc064984192dafd038d0e09f15f9
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
d9a88d548488330c2fdc31dd655203aa0044b8d954b0e1665e09b58965e52bf7
da18fadbd1c202775a8071a3c34a65cb5fef07b787d4b9d277b952a8e3d5b09b
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dac9ce6b163b009d3fae39abc37e728afa2476e5dd0b5e5ac9480a9969fbbe6f
dbb8a07ee2515780441105ea9114506a727116bccadf6094dfaa48ed01587bd3
dcd021720c65ffdbfdbfb6a6f23f9c316778309aba46aef42c563c17bb7772af
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea42e0f179347a75dd9fa41636bd1fa1ae92397bcde89a1389eeb8c0ace0fca
df66b2daefa83ea07ed2ec98d26123c11c6c4738dfe3fff38b88cd28586bd24e
e36404e27aaf8b46c5d9c37ad066e1a259e8611ff25ce2ad527e09e6dc875cc0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f422ae8bc9e4874e20a1d051cc2cde9a2e2f0e84d8a4ef84a82d90b3b5cc79
e45736138c5eec91413f6d5d6d44ceea36e54dec41d4dfd257a052dc11a853ba
e4adb1d732164e29f2aa6347013c50e377f74434fa686c7959d37b2684d1afe9
e5da5280ed72348b4248215a28229dfde619ce861841122d453d1810291d8bc0
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e703e0f917bf9674b8f2d527be7ee015dc4bb39de7ebba594b7f892c663726ad
e79632edd9be8df96e2a000cd115229e1110f730476483b68f539b00ec054df9
e85a36b8cf8a19b9b9f77a0f2d7e92ae1701afe62731dff99bf020808eb5a562
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8c872529db6f1ed7ac99e51dac39635392e75f033bd4ad1f99ffa63c6282228
e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
e96aa7c60bb144fee6bbdbcc58f8b542df774635705f3b3f1211a706b3516bfa
eaf60f3e825f33bb67b35b00ecafbb30e525e4abd4906b70b4c19f9a894c8373
eb5c500ac44da132d4655d228ea5a4b379793c0d3a7dce2a26822b4bc02f85c8
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ec0d8435d5d30bc297e0b2db3f87fe8fc998b3440d56f33205e702c57a84443d
ec18ebaedb655fd8c94eb9c8160e218920dbe41c7059171f06c03d0dedd5010a
ecbd722c399d493daa752e0e478ad1d77349720bfb6bb274cdf079e62e641fa2
ed36f6447131420db97c10f205103d50e2e72da1aff0e257fae350d5b6ca895d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a83b6becd906b85b94429b38e4a2211ee929a9b51cbb262328cb7b89c926c3
f42d8c0362c15ec6f6891165e8b651e3551b76e79370a96be2eb2f47615de7aa
f4c52d6a0df9e992bbf6310f9d9ff6eaa91f3df36d5d2350867e0702e325ecec
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f658780ff4e0ec7b60e3e7a55549d6b31536ac878493ae579d7a75e53adcd978
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7ab917c78e9a4eaacd4df4ac7ed66b415576f37b58336b390bd5e450d359ada
f8c4db2b56d42875895a1f46a852f9260c30c3f7f3e9bd1c8fb7d6fa331b781b
fa614642f7e3e6eab1f82e2fd370e94d6ab3816f94654f5a5b5917788b7930f4
fabfd5922cbfe6a5a7a8638983fc73ef00a30da4c9e801d660f1db8a6589307f
fd8cd065dbcd1620161f23eba89970248a8d5b27cf0df9e150855c4e199d430b
fed9dd3611052591444c4c9b088d411f4c61a5431fb9f12d1f40dbf6abe7f5db