urlscan.io logo urlscan.io
SecurityTrails logo

revistaquem.globo.com Open in urlscan Pro
186.192.81.156  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://revistaquem.globo.com/
Effective URL: https://revistaquem.globo.com/
Submission: On April 14 via manual from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 139 IPs in 13 countries across 109 domains to perform 908 HTTP transactions. The main IP is 186.192.81.156, located in Rio de Janeiro, Brazil and belongs to Globo Comunicacao e Participacoes SA, BR. The main domain is revistaquem.globo.com. The Cisco Umbrella rank of the primary domain is 192084.
TLS certificate: Issued by R3 on March 29th 2022. Valid for: 3 months.
This is the only time revistaquem.globo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 20 186.192.81.156 28604 (Globo Com...)
6 186.192.91.5 28604 (Globo Com...)
27 186.192.90.3 28604 (Globo Com...)
4 201.7.177.167 28604 (Globo Com...)
5 23.35.236.209 16625 (AKAMAI-AS)
39 142.250.186.98 15169 (GOOGLE)
1 31 151.101.1.44 54113 (FASTLY)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 2606:4700:303... 13335 (CLOUDFLAR...)
9 2606:4700::68... 13335 (CLOUDFLAR...)
12 151.101.130.133 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
6 151.101.65.44 54113 (FASTLY)
19 186.192.91.9 28604 (Globo Com...)
2 151.101.129.44 54113 (FASTLY)
2 8 13.32.121.17 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 108.138.17.83 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a03:2880:f11... 32934 (FACEBOOK)
6 151.101.194.133 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.222.236.122 16509 (AMAZON-02)
1 186.192.81.117 28604 (Globo Com...)
1 52.41.107.6 16509 (AMAZON-02)
22 52.50.214.249 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.139.40 16509 (AMAZON-02)
3 35.211.79.33 19527 (GOOGLE-2)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 5 2.19.35.65 16625 (AKAMAI-AS)
2 201.7.182.243 28604 (Globo Com...)
8 8 23.22.97.176 14618 (AMAZON-AES)
12 17 172.217.16.130 15169 (GOOGLE)
2 2 104.111.215.191 16625 (AKAMAI-AS)
7 11 2a02:2638:1::13 44788 (ASN-CRITE...)
3 3 63.32.228.167 16509 (AMAZON-02)
7 46 37.252.172.45 29990 (ASN-APPNEX)
3 35.244.174.68 15169 (GOOGLE)
7 8 69.173.144.138 26667 (RUBICONPR...)
4 66.155.71.25 13768 (COGECO-PEER1)
2 2 212.82.100.182 34010 (YAHOO-IRD)
12 12 213.19.147.45 3356 (LEVEL3)
1 2606:4700::68... 13335 (CLOUDFLAR...)
23 2a00:1450:400... 15169 (GOOGLE)
30 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
4 18.156.195.47 16509 (AMAZON-02)
2 35.244.182.124 15169 (GOOGLE)
2 178.250.0.165 44788 (ASN-CRITE...)
5 2602:803:c003... 26667 (RUBICONPR...)
2 185.86.138.32 201081 (SMARTADSE...)
1 3.129.250.65 16509 (AMAZON-02)
13 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
60 23.35.236.201 16625 (AKAMAI-AS)
3 54.231.161.120 16509 (AMAZON-02)
33 2a00:1450:400... 15169 (GOOGLE)
8 151.139.128.11 20446 (STACKPATH...)
9 23 2.18.234.233 16625 (AKAMAI-AS)
3 7 3.121.19.101 16509 (AMAZON-02)
4 4 216.200.232.253 30419 (MEDIAMATH...)
2 52.29.63.16 16509 (AMAZON-02)
3 5 18.156.0.31 16509 (AMAZON-02)
1 2 142.250.186.70 15169 (GOOGLE)
16 141.226.228.48 200478 (TABOOLA-AS)
1 201.7.182.142 28604 (Globo Com...)
4 35.158.19.170 16509 (AMAZON-02)
12 52.222.210.175 16509 (AMAZON-02)
7 178.250.0.157 44788 (ASN-CRITE...)
3 185.64.189.112 62713 (AS-PUBMATIC)
3 34.241.231.109 16509 (AMAZON-02)
3 216.52.2.30 30282 (AS-INAPCD...)
3 147.75.38.124 54825 (PACKET)
3 34.107.148.139 15169 (GOOGLE)
7 146.20.128.115 27357 (RACKSPACE)
3 46.105.202.126 16276 (OVH)
4 4 23.88.75.188 24940 (HETZNER-AS)
20 146.20.132.192 27357 (RACKSPACE)
5 5 2001:678:cb4:... 56396 (AMOBEE)
4 6 34.205.3.24 14618 (AMAZON-AES)
12 2a00:1450:400... 15169 (GOOGLE)
25 146.20.132.170 27357 (RACKSPACE)
6 51.195.5.40 16276 (OVH)
2 151.101.193.44 54113 (FASTLY)
3 14 35.71.131.137 16509 (AMAZON-02)
1 8 2600:1f18:612... 14618 (AMAZON-AES)
11 11 185.94.180.125 35220 (SPOTX-AMS)
13 23.35.236.188 16625 (AKAMAI-AS)
6 185.64.189.226 62713 (AS-PUBMATIC)
3 9 2a00:1450:400... 15169 (GOOGLE)
4 34.98.64.218 15169 (GOOGLE)
2 185.94.180.123 35220 (SPOTX-AMS)
14 104.109.78.125 16625 (AKAMAI-AS)
6 2600:9000:224... 16509 (AMAZON-02)
2 14 69.173.144.165 26667 (RUBICONPR...)
1 2 52.95.115.255 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
3 4 2a05:d018:d29... 16509 (AMAZON-02)
4 23.35.237.151 16625 (AKAMAI-AS)
2 2001:4de0:ac1... 20446 (STACKPATH...)
1 141.226.224.32 200478 (TABOOLA-AS)
1 18.135.183.184 16509 (AMAZON-02)
1 1 18.134.84.23 16509 (AMAZON-02)
5 5 54.75.174.52 16509 (AMAZON-02)
3 3 18.194.183.160 16509 (AMAZON-02)
2 72.251.241.206 29791 (VOXEL-DOT...)
1 178.250.0.130 44788 (ASN-CRITE...)
2 4 209.54.180.3 16509 (AMAZON-02)
1 6 185.64.190.78 62713 (AS-PUBMATIC)
11 185.64.189.111 62713 (AS-PUBMATIC)
1 2a02:2638::3 44788 (ASN-CRITE...)
2 3 37.157.6.241 198622 (ADFORM)
2 2 213.155.156.183 1299 (TWELVE99 ...)
6 185.64.190.80 62713 (AS-PUBMATIC)
2 198.47.127.20 62713 (AS-PUBMATIC)
2 2 141.94.170.64 16276 (OVH)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 3 169.50.137.182 36351 (SOFTLAYER)
1 1 2620:116:800d... 16509 (AMAZON-02)
12 2.18.233.180 16625 (AKAMAI-AS)
1 3 77.243.60.138 42697 (NETIC-AS)
1 2 3.208.213.85 14618 (AMAZON-AES)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
5 3.141.212.22 16509 (AMAZON-02)
4 4 198.148.27.139 19189 (PULSEPOINT)
1 185.86.137.132 201081 (SMARTADSE...)
1 162.55.120.196 24940 (HETZNER-AS)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 195.5.165.20 44968 (IPROM-AS)
1 1 141.94.73.195 16276 (OVH)
2 2 141.94.170.77 16276 (OVH)
2 3 52.30.14.23 16509 (AMAZON-02)
4 204.237.133.120 62713 (AS-PUBMATIC)
2 2 35.227.208.19 15169 (GOOGLE)
1 35.201.81.244 15169 (GOOGLE)
1 1 34.102.253.54 15169 (GOOGLE)
2 2 37.252.172.123 29990 (ASN-APPNEX)
3 38.91.45.7 398989 (DEEPINTENT)
1 14 34.248.76.8 16509 (AMAZON-02)
2 52.214.225.4 16509 (AMAZON-02)
16 54.171.196.80 ()
2 34.239.97.35 ()
4 18.195.155.181 16509 (AMAZON-02)
3 3 23.35.236.247 16625 (AKAMAI-AS)
1 3 52.59.41.116 16509 (AMAZON-02)
2 35.186.253.211 15169 (GOOGLE)
2 178.162.133.149 60781 (LEASEWEB-...)
3 3 13.248.245.213 16509 (AMAZON-02)
2 54.228.116.54 ()
3 4 70.42.32.127 ()
2 2 34.199.172.6 ()
2 193.122.130.38 ()
2 2 50.31.142.191 ()
3 3 63.33.77.67 ()
3 34.241.76.6 ()
2 185.86.137.122 ()
1 3 151.101.130.49 54113 (FASTLY)
1 1 124.146.215.42 ()
2 2 185.184.8.90 ()
1 1 52.58.249.203 ()
1 34.120.133.55 ()
3 52.208.103.128 ()
3 23.35.228.23 ()
2 2 51.178.20.140 ()
908 139
20    186.192.81.156 (Rio de Janeiro, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-81-156.prt.globo.com
revistaquem.globo.com
6    186.192.91.5 (Rio de Janeiro, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-5.prt.globo.com
barra.globo.com
s.glbimg.com
27    186.192.90.3 (Rio de Janeiro, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-90-3.prt.globo.com
s3.glbimg.com
4    201.7.177.167 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
static.infoglobo.com.br
5    23.35.236.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-209.deploy.static.akamaitechnologies.com
tags.tiqcdn.com
39    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
31    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
nr-events.taboola.com
trc.taboola.com
15.taboola.com
vidstat.taboola.com
wf.taboola.com
3    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
4    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2606:4700:3032::ac43:bf95 (United States)

ASN13335 (CLOUDFLARENET, US)
www.npttech.com
9    2606:4700::6810:bf3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
sync.navdmp.com
cd.navdmp.com
12    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
tsdtocl.com
1    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
c2.taboola.com
imprammp.taboola.com
impr.taboola.com
match.taboola.com
19    186.192.91.9 (Rio de Janeiro, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-9.prt.globo.com
s2.glbimg.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
widget.perfectmarket.com
8    13.32.121.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net
sb.scorecardresearch.com
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    108.138.17.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-83.fra56.r.cloudfront.net
static.hotjar.com
1    2a00:1450:4001:827::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gadasource.storage.googleapis.com
6    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
consumer.krxd.net
1    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net
script.hotjar.com
1    186.192.81.117 (Rio de Janeiro, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-81-117.prt.globo.com
horizon-schemas.globo.com
1    52.41.107.6 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-107-6.us-west-2.compute.amazonaws.com
ivccf.ivcbrasil.org.br
22    52.50.214.249 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
1    18.66.139.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-40.fra60.r.cloudfront.net
vars.hotjar.com
3    35.211.79.33 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 33.79.211.35.bc.googleusercontent.com
horizon.globo.com
horizon-track.globo.com
1    2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2606:4700::6811:b8b1 (United States)

ASN13335 (CLOUDFLARENET, US)
experience.tinypass.com
cdn.tinypass.com
buy.tinypass.com
5    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
secure-assets.rubiconproject.com
2    201.7.182.243 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
cocoon.globo.com
8    23.22.97.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-97-176.compute-1.amazonaws.com
usermatch.krxd.net
17    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
cm.g.doubleclick.net
2    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
stags.bluekai.com
11    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    63.32.228.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-228-167.eu-west-1.compute.amazonaws.com
dpm.demdex.net
46    37.252.172.45 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
fra1-ib.adnxs.com
3    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
8    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
pixel-a.sitescout.com
2    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
12    213.19.147.45 (Utrecht, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
1    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
23    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
30    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
pagead2.googlesyndication.com
7    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
fec9fe8de1b879341a5e33774e1c28ef.safeframe.googlesyndication.com
aca576afd1bf443543c13a542593589f.safeframe.googlesyndication.com
29f33738099d8a2ba9033c0012e3fcbd.safeframe.googlesyndication.com
4    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
2    35.244.182.124 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 124.182.244.35.bc.googleusercontent.com
s.seedtag.com
2    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
5    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    185.86.138.32 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    3.129.250.65 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
ads.vidoomy.com
13    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)
c2.piano.io
60    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
vpaid.pubmatic.com
3    54.231.161.120 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
33    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
ad.lkqd.net
23    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
7    3.121.19.101 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-19-101.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    216.200.232.253 (Monrovia, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    52.29.63.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-63-16.eu-central-1.compute.amazonaws.com
a.vidoomy.com
5    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
ad.doubleclick.net
16    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
1    201.7.182.142 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
usergate.globo.com
4    35.158.19.170 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-19-170.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
12    52.222.210.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-210-175.fra56.r.cloudfront.net
c.amazon-adsystem.com
7    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    34.241.231.109 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-231-109.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
3    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
3    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
7    146.20.128.115 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
3    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
4    23.88.75.188 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.188.75.88.23.clients.your-server.de
csync.loopme.me
20    146.20.132.192 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
5    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
6    34.205.3.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-3-24.compute-1.amazonaws.com
sync.srv.stackadapt.com
12    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
25    146.20.132.170 (United States)

ASN27357 (RACKSPACE, US)
t.lkqd.net
6    51.195.5.40 (France)

ASN16276 (OVH, FR)
PTR: p17.id5-sync.com
id5-sync.com
2    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
14    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
8    2600:1f18:612b:4232:6e00:7b23:6545:3513 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
taboola-supply-partners.tremorhub.com
pbs.publishers.tremorhub.com
11    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
13    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
cdn.adnxs.com
acdn.adnxs.com
6    185.64.189.226 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
9    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
vidoomy-d.openx.net
us-u.openx.net
2    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
14    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    2600:9000:2240:aa00:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)
vpaid.springserve.com
14    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    52.95.115.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
4    2a05:d018:d29:3602:8032:ea84:336c:262b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
4    23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
2    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
cdn.stickyadstv.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    18.135.183.184 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-183-184.eu-west-2.compute.amazonaws.com
geo.moatads.com
1    18.134.84.23 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-84-23.eu-west-2.compute.amazonaws.com
1f2e7.v.fwmrm.net
5    54.75.174.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-174-52.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
3    18.194.183.160 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-183-160.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    72.251.241.206 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    209.54.180.3 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
6    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
11    185.64.189.111 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
1    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.183 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com
d5p.de17a.com
6    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
2    141.94.170.64 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh
pixel.onaudience.com
3    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
3    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    2620:116:800d:21:fcb8:22d2:d390:5f1b (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
12    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
aktrack.pubmatic.com
3    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    3.208.213.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-213-85.compute-1.amazonaws.com
a.audrte.com
1    2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
5    3.141.212.22 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-212-22.us-east-2.compute.amazonaws.com
vid-io-cle.springserve.com
4    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
2    2606:4700:4400::ac40:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    141.94.73.195 (France)

ASN16276 (OVH, FR)
PTR: bixel-2.cloudy.ovh
green.erne.co
2    141.94.170.77 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-6.cloudy.ovh
pixel-eu.onaudience.com
3    52.30.14.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
4    204.237.133.120 (West Chester, United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    35.227.208.19 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 19.208.227.35.bc.googleusercontent.com
cr.frontend.weborama.fr
1    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
2    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
3    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
14    34.248.76.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-76-8.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
2    52.214.225.4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-225-4.eu-west-1.compute.amazonaws.com
vid.springserve.com
16    54.171.196.80 (None, )

ASN- ()
sync.springserve.com
2    34.239.97.35 (None, )

ASN- ()
sync.bfmio.com
4    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
3    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
3    52.59.41.116 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-41-116.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    178.162.133.149 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    54.228.116.54 (None, )

ASN- ()
ads.yieldmo.com
4    70.42.32.127 (None, )

ASN- ()
sync.outbrain.com
2    34.199.172.6 (None, )

ASN- ()
sync.ipredictive.com
2    193.122.130.38 (None, )

ASN- ()
sync.technoratimedia.com
2    50.31.142.191 (None, )

ASN- ()
b1sync.zemanta.com
3    63.33.77.67 (None, )

ASN- ()
ad.360yield.com
3    34.241.76.6 (None, )

ASN- ()
usersync.gumgum.com
2    185.86.137.122 (None, )

ASN- ()
ssbsync.smartadserver.com
3    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    124.146.215.42 (None, )

ASN- ()
tg.socdm.com
2    185.184.8.90 (None, )

ASN- ()
creativecdn.com
1    52.58.249.203 (None, )

ASN- ()
i.w55c.net
1    34.120.133.55 (None, )

ASN- ()
api.rlcdn.com
3    52.208.103.128 (None, )

ASN- ()
id.crwdcntrl.net
3    23.35.228.23 (None, )

ASN- ()
contextual.media.net
2    51.178.20.140 (None, )

ASN- ()
gu.dyntrk.com
Apex Domain
Subdomains		 Transfer
110 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 461
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 457
t.pubmatic.com — Cisco Umbrella Rank: 4364
vpaid.pubmatic.com — Cisco Umbrella Rank: 5876
image6.pubmatic.com — Cisco Umbrella Rank: 622
vid.pubmatic.com — Cisco Umbrella Rank: 8516
simage2.pubmatic.com — Cisco Umbrella Rank: 620 Failed
image2.pubmatic.com — Cisco Umbrella Rank: 898
image4.pubmatic.com — Cisco Umbrella Rank: 880
aktrack.pubmatic.com — Cisco Umbrella Rank: 1011
aud.pubmatic.com Failed
1 MB
77 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
stats.g.doubleclick.net — Cisco Umbrella Rank: 95
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
ad.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
839 KB
65 googlesyndication.com
f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 128
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
fec9fe8de1b879341a5e33774e1c28ef.safeframe.googlesyndication.com
aca576afd1bf443543c13a542593589f.safeframe.googlesyndication.com
29f33738099d8a2ba9033c0012e3fcbd.safeframe.googlesyndication.com
682 KB
61 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 248
cdn.adnxs.com — Cisco Umbrella Rank: 1424
fra1-ib.adnxs.com — Cisco Umbrella Rank: 8730
acdn.adnxs.com — Cisco Umbrella Rank: 597
secure.adnxs.com — Cisco Umbrella Rank: 438
345 KB
60 lkqd.net
ad.lkqd.net — Cisco Umbrella Rank: 17737
v.lkqd.net — Cisco Umbrella Rank: 5777
cs.lkqd.net — Cisco Umbrella Rank: 3234
t.lkqd.net — Cisco Umbrella Rank: 11699
222 KB
56 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1059
c2.taboola.com — Cisco Umbrella Rank: 7825
nr-events.taboola.com — Cisco Umbrella Rank: 9416
trc.taboola.com — Cisco Umbrella Rank: 656
15.taboola.com — Cisco Umbrella Rank: 1961
am-trc-events.taboola.com — Cisco Umbrella Rank: 16542
vidstat.taboola.com — Cisco Umbrella Rank: 1976
imprammp.taboola.com — Cisco Umbrella Rank: 11958
am-match.taboola.com — Cisco Umbrella Rank: 12336
wf.taboola.com — Cisco Umbrella Rank: 2441
am-vid-events.taboola.com — Cisco Umbrella Rank: 11698
sync-t1.taboola.com — Cisco Umbrella Rank: 1247
sync.taboola.com — Cisco Umbrella Rank: 1005
impr.taboola.com — Cisco Umbrella Rank: 12420
pips.taboola.com — Cisco Umbrella Rank: 1596
cds.taboola.com — Cisco Umbrella Rank: 1493
match.taboola.com — Cisco Umbrella Rank: 2193
4 MB
50 rubiconproject.com
ads.rubiconproject.com — Cisco Umbrella Rank: 2630
token.rubiconproject.com — Cisco Umbrella Rank: 675
fastlane.rubiconproject.com — Cisco Umbrella Rank: 458
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3634
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1117
eus.rubiconproject.com — Cisco Umbrella Rank: 567
pixel.rubiconproject.com — Cisco Umbrella Rank: 350
199 KB
50 glbimg.com
s3.glbimg.com — Cisco Umbrella Rank: 56399
s.glbimg.com — Cisco Umbrella Rank: 69415
s2.glbimg.com — Cisco Umbrella Rank: 61195
581 KB
47 krxd.net
cdn.krxd.net — Cisco Umbrella Rank: 1448
consumer.krxd.net — Cisco Umbrella Rank: 1852
beacon.krxd.net — Cisco Umbrella Rank: 440
usermatch.krxd.net — Cisco Umbrella Rank: 1217
431 KB
29 springserve.com
vpaid.springserve.com — Cisco Umbrella Rank: 7864
vid-io-cle.springserve.com — Cisco Umbrella Rank: 6072
vid.springserve.com — Cisco Umbrella Rank: 6065
sync.springserve.com
541 KB
29 globo.com
revistaquem.globo.com — Cisco Umbrella Rank: 192084
barra.globo.com — Cisco Umbrella Rank: 173520
horizon-schemas.globo.com — Cisco Umbrella Rank: 60324
horizon.globo.com — Cisco Umbrella Rank: 54388
cocoon.globo.com — Cisco Umbrella Rank: 122389
horizon-track.globo.com — Cisco Umbrella Rank: 47424
usergate.globo.com — Cisco Umbrella Rank: 107570
260 KB
25 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 669
cdn.stickyadstv.com — Cisco Umbrella Rank: 2345
163 KB
20 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 383
bidder.criteo.com — Cisco Umbrella Rank: 758
mug.criteo.com — Cisco Umbrella Rank: 2668
12 KB
18 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 302
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1212
s.amazon-adsystem.com — Cisco Umbrella Rank: 281
127 KB
17 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1276
usersync.gumgum.com
6 KB
16 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 883
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1137
ups.analytics.yahoo.com — Cisco Umbrella Rank: 300
ads.yahoo.com — Cisco Umbrella Rank: 1132
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
7 KB
15 google.com
ampcid.google.com — Cisco Umbrella Rank: 1782
adservice.google.com — Cisco Umbrella Rank: 77
www.google.com — Cisco Umbrella Rank: 4
4 KB
14 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 355
5 KB
13 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 531
search.spotxchange.com — Cisco Umbrella Rank: 426
10 KB
13 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 176
470 KB
12 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
225 KB
12 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 542
4 KB
9 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1681
id5-sync.com — Cisco Umbrella Rank: 699
37 KB
9 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 23010
usr.navdmp.com — Cisco Umbrella Rank: 27062
cdn.navdmp.com — Cisco Umbrella Rank: 5260
sync.navdmp.com — Cisco Umbrella Rank: 9135
cd.navdmp.com — Cisco Umbrella Rank: 249332
10 KB
8 tremorhub.com
taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3426
pbs.publishers.tremorhub.com — Cisco Umbrella Rank: 6930
2 KB
8 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 137
3 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 289
3 KB
6 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 662
id.crwdcntrl.net
2 KB
6 openx.net
vidoomy-d.openx.net — Cisco Umbrella Rank: 32537
rtb.openx.net — Cisco Umbrella Rank: 1537
us-u.openx.net
1 KB
6 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 835
2 KB
6 media.net
prebid.media.net — Cisco Umbrella Rank: 1206
contextual.media.net
27 KB
6 google.de
ampcid.google.de — Cisco Umbrella Rank: 46741
adservice.google.de — Cisco Umbrella Rank: 7579
2 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
853 B
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 503
2 KB
5 moatads.com
z.moatads.com — Cisco Umbrella Rank: 390
geo.moatads.com — Cisco Umbrella Rank: 583
px.moatads.com — Cisco Umbrella Rank: 419
226 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 769
2 KB
5 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1356
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 635
ssbsync.smartadserver.com
1 KB
5 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 980
47 KB
4 outbrain.com
sync.outbrain.com
1 KB
4 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 901
104 B
4 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 578
2 KB
4 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2962
pixel-eu.onaudience.com — Cisco Umbrella Rank: 233509
2 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 884
i.w55c.net
3 KB
4 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 985
743 B
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 445
2 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 602
pixel-a.sitescout.com
764 B
4 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 327
id.rlcdn.com
api.rlcdn.com
1 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 138
288 KB
4 infoglobo.com.br
static.infoglobo.com.br — Cisco Umbrella Rank: 285645
52 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 576
563 B
3 360yield.com
ad.360yield.com
824 B
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 400
1 KB
3 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 371
585 B
3 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1353
3 KB
3 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 919
122 B
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 19968
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 37912
722 B
3 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1153
2 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 825
1 KB
3 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1718
mwzeom.zeotap.com — Cisco Umbrella Rank: 1566
1 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 577
1 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1173
760 B
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 607
2 KB
3 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 573
2 KB
3 amazonaws.com
s3.amazonaws.com
38 KB
3 vidoomy.com
ads.vidoomy.com — Cisco Umbrella Rank: 20958
a.vidoomy.com — Cisco Umbrella Rank: 10445
6 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 216
3 KB
3 tinypass.com
experience.tinypass.com — Cisco Umbrella Rank: 7167
cdn.tinypass.com — Cisco Umbrella Rank: 5158
buy.tinypass.com — Cisco Umbrella Rank: 4202
83 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 621
script.hotjar.com — Cisco Umbrella Rank: 818
vars.hotjar.com — Cisco Umbrella Rank: 999
67 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3059
onesignal.com
73 KB
2 dyntrk.com
gu.dyntrk.com
869 B
2 creativecdn.com
creativecdn.com
695 B
2 zemanta.com
b1sync.zemanta.com
576 B
2 technoratimedia.com
sync.technoratimedia.com
587 B
2 yieldmo.com
ads.yieldmo.com
69 B
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 868
1022 B
2 bfmio.com
sync.bfmio.com
156 B
2 ipredictive.com
sync.ipredictive.com Failed
889 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 824
s.tribalfusion.com — Cisco Umbrella Rank: 2497
1 KB
2 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2378
4 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5130
637 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 632
59 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1504
816 B
2 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 7473
558 B
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 481
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
2 perfectmarket.com
widget.perfectmarket.com — Cisco Umbrella Rank: 3657
29 KB
1 socdm.com
tg.socdm.com
695 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3831
464 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 13104
366 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5914
277 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6220
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3142
104 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 423
536 B
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 4481
511 B
1 tsdtocl.com
tsdtocl.com — Cisco Umbrella Rank: 7521
1 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 482
924 B
1 piano.io
c2.piano.io — Cisco Umbrella Rank: 4190
3 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 436
2 KB
1 ivcbrasil.org.br
ivccf.ivcbrasil.org.br — Cisco Umbrella Rank: 126441
461 B
1 googleapis.com
gadasource.storage.googleapis.com — Cisco Umbrella Rank: 63051
24 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
62 KB
1 npttech.com
www.npttech.com — Cisco Umbrella Rank: 4128
3 KB
0 tidaltv.com Failed
sync.tidaltv.com Failed
0 mxptint.net Failed
rbp.mxptint.net Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 bnmla.com Failed
match.bnmla.com — Cisco Umbrella Rank: 1605 Failed
0 creative-serving.com Failed
docker.creative-serving.com Failed
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
0 nexac.com Failed
r.nexac.com Failed
908 109
Domain Requested by
39 securepubads.g.doubleclick.net revistaquem.globo.com
securepubads.g.doubleclick.net
f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
www.googletagservices.com
37 ib.adnxs.com 7 redirects revistaquem.globo.com
ads.rubiconproject.com
ads.pubmatic.com
acdn.adnxs.com
vpaid.springserve.com
34 ads.pubmatic.com securepubads.g.doubleclick.net
vpaid.pubmatic.com
ads.pubmatic.com
vid.springserve.com
rtb.gumgum.com
33 tpc.googlesyndication.com f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
revistaquem.globo.com
27 s3.glbimg.com revistaquem.globo.com
tags.tiqcdn.com
s3.glbimg.com
barra.globo.com
f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
26 vpaid.pubmatic.com ad.lkqd.net
vpaid.springserve.com
blank
25 pagead2.googlesyndication.com securepubads.g.doubleclick.net
ads.pubmatic.com
www.googletagservices.com
revistaquem.globo.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
25 t.lkqd.net ad.lkqd.net
23 ads.stickyadstv.com 9 redirects revistaquem.globo.com
ad.lkqd.net
vidstat.taboola.com
cdn.stickyadstv.com
22 beacon.krxd.net tag.navdmp.com
revistaquem.globo.com
cdn.krxd.net
20 cs.lkqd.net ad.lkqd.net
20 revistaquem.globo.com 2 redirects revistaquem.globo.com
s3.glbimg.com
19 s2.glbimg.com revistaquem.globo.com
18 googleads.g.doubleclick.net ads.pubmatic.com
googleads.g.doubleclick.net
17 cm.g.doubleclick.net 12 redirects eus.rubiconproject.com
revistaquem.globo.com
rtb.gumgum.com
16 sync.springserve.com ads.pubmatic.com
rtb.gumgum.com
14 rtb.gumgum.com 1 redirects ads.pubmatic.com
vid.springserve.com
rtb.gumgum.com
14 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
14 eus.rubiconproject.com imprammp.taboola.com
eus.rubiconproject.com
ads.rubiconproject.com
rtb.gumgum.com
ads.pubmatic.com
14 match.adsrvr.org 3 redirects imprammp.taboola.com
am-match.taboola.com
eus.rubiconproject.com
rtb.gumgum.com
ads.pubmatic.com
13 www.googletagservices.com securepubads.g.doubleclick.net
f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
googleads.g.doubleclick.net
12 aktrack.pubmatic.com revistaquem.globo.com
12 s0.2mdn.net f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
s0.2mdn.net
revistaquem.globo.com
12 c.amazon-adsystem.com s3.amazonaws.com
c.amazon-adsystem.com
12 sync.1rx.io 12 redirects
12 cdn.taboola.com revistaquem.globo.com
cdn.taboola.com
client
11 vid.pubmatic.com vpaid.pubmatic.com
11 sync.search.spotxchange.com 11 redirects
11 gum.criteo.com 7 redirects static.criteo.net
11 cdn.krxd.net tags.tiqcdn.com
cdn.krxd.net
10 acdn.adnxs.com revistaquem.globo.com
ads.rubiconproject.com
vpaid.springserve.com
ads.pubmatic.com
10 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
revistaquem.globo.com
9 www.google.com 3 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
9 fra1-ib.adnxs.com ads.pubmatic.com
revistaquem.globo.com
cdn.adnxs.com
8 ad.lkqd.net revistaquem.globo.com
ad.lkqd.net
8 token.rubiconproject.com 7 redirects revistaquem.globo.com
8 usermatch.krxd.net 8 redirects
8 sb.scorecardresearch.com 2 redirects cdn.taboola.com
revistaquem.globo.com
7 v.lkqd.net ad.lkqd.net
7 mug.criteo.com revistaquem.globo.com
7 x.bidswitch.net 3 redirects am-match.taboola.com
imprammp.taboola.com
rtb.gumgum.com
6 image2.pubmatic.com ads.pubmatic.com
6 image6.pubmatic.com 1 redirects ads.pubmatic.com
6 vpaid.springserve.com ad.lkqd.net
6 t.pubmatic.com revistaquem.globo.com
ads.pubmatic.com
6 id5-sync.com cdn.id5-sync.com
ads.pubmatic.com
6 sync.srv.stackadapt.com 4 redirects rtb.gumgum.com
6 consumer.krxd.net cdn.krxd.net
6 www.facebook.com revistaquem.globo.com
5 vid-io-cle.springserve.com vpaid.springserve.com
5 match.prod.bidr.io 5 redirects
5 sync-t1.taboola.com imprammp.taboola.com
am-match.taboola.com
5 taboola-supply-partners.tremorhub.com imprammp.taboola.com
am-match.taboola.com
5 ad.turn.com 5 redirects
5 ups.analytics.yahoo.com 3 redirects
5 fastlane.rubiconproject.com ads.rubiconproject.com
ads.pubmatic.com
5 adservice.google.com securepubads.g.doubleclick.net
5 adservice.google.de securepubads.g.doubleclick.net
5 tags.tiqcdn.com revistaquem.globo.com
tags.tiqcdn.com
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 cs.emxdgt.com rtb.gumgum.com
4 bh.contextweb.com 4 redirects
4 simage2.pubmatic.com ads.pubmatic.com
4 s.amazon-adsystem.com 2 redirects revistaquem.globo.com
4 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
4 am-vid-events.taboola.com revistaquem.globo.com
vidstat.taboola.com
4 csync.loopme.me 4 redirects
4 prebid-a.rubiconproject.com ads.rubiconproject.com
4 sync.mathtag.com 4 redirects
4 c2shb.pubgw.yahoo.com ads.rubiconproject.com
4 f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 s.glbimg.com tags.tiqcdn.com
barra.globo.com
s3.glbimg.com
s.glbimg.com
4 connect.facebook.net revistaquem.globo.com
connect.facebook.net
4 static.infoglobo.com.br revistaquem.globo.com
static.infoglobo.com.br
3 contextual.media.net ads.pubmatic.com
3 id.crwdcntrl.net ads.pubmatic.com
3 sync-tm.everesttech.net 1 redirects rtb.gumgum.com
3 usersync.gumgum.com rtb.gumgum.com
ads.pubmatic.com
3 ad.360yield.com 3 redirects
3 eb2.3lift.com 3 redirects
3 pbs.publishers.tremorhub.com 1 redirects vid.springserve.com
3 pixel.advertising.com 1 redirects
3 ssum.casalemedia.com 3 redirects
3 match.deepintent.com ads.pubmatic.com
rtb.gumgum.com
3 sync.crwdcntrl.net 2 redirects ads.pubmatic.com
3 uipglob.semasio.net 1 redirects ads.pubmatic.com
3 um.simpli.fi 2 redirects ads.pubmatic.com
3 c1.adform.net 2 redirects ads.pubmatic.com
3 pm.w55c.net 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 cdn.adnxs.com ads.pubmatic.com
3 am-match.taboola.com vidstat.taboola.com
3 cdn.id5-sync.com revistaquem.globo.com
3 prebid.media.net ads.pubmatic.com
3 prebid.a-mo.net ads.pubmatic.com
3 ap.lijit.com ads.pubmatic.com
3 pixel.adsafeprotected.com ads.pubmatic.com
3 hbopenbid.pubmatic.com ads.pubmatic.com
3 am-trc-events.taboola.com revistaquem.globo.com
3 s3.amazonaws.com securepubads.g.doubleclick.net
3 trc.taboola.com 1 redirects cdn.taboola.com
3 pixel-sync.sitescout.com revistaquem.globo.com
ads.pubmatic.com
3 dpm.demdex.net 3 redirects
3 nr-events.taboola.com c2.taboola.com
revistaquem.globo.com
2 gu.dyntrk.com 2 redirects
2 creativecdn.com 2 redirects
2 ssbsync.smartadserver.com rtb.gumgum.com
2 b1sync.zemanta.com 2 redirects
2 sync.technoratimedia.com rtb.gumgum.com
2 us-u.openx.net rtb.gumgum.com
2 ads.yieldmo.com
2 sync.go.sonobi.com vid.springserve.com
2 rtb.openx.net vid.springserve.com
2 sync.bfmio.com
2 vid.springserve.com vpaid.springserve.com
2 sync.ipredictive.com ads.pubmatic.com
2 secure.adnxs.com 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 pixel-eu.onaudience.com 2 redirects
2 a.audrte.com 1 redirects ads.pubmatic.com
2 mwzeom.zeotap.com ads.pubmatic.com
2 pixel.onaudience.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 static.criteo.net ads.rubiconproject.com
static.criteo.net
2 cm.adgrx.com revistaquem.globo.com
ads.pubmatic.com
2 px.moatads.com revistaquem.globo.com
2 cdn.stickyadstv.com vidstat.taboola.com
cdn.stickyadstv.com
2 z.moatads.com vidstat.taboola.com
2 aax-eu.amazon-adsystem.com 1 redirects eus.rubiconproject.com
2 impr.taboola.com vidstat.taboola.com
2 search.spotxchange.com ad.lkqd.net
2 vidoomy-d.openx.net ad.lkqd.net
2 wf.taboola.com vidstat.taboola.com
2 imprammp.taboola.com vidstat.taboola.com
2 ad.doubleclick.net 1 redirects revistaquem.globo.com
2 15.taboola.com cdn.taboola.com
2 a.vidoomy.com revistaquem.globo.com
2 horizon-track.globo.com s3.glbimg.com
2 prg.smartadserver.com ads.rubiconproject.com
2 bidder.criteo.com ads.rubiconproject.com
2 s.seedtag.com ads.rubiconproject.com
2 sync.navdmp.com revistaquem.globo.com
2 cms.analytics.yahoo.com 2 redirects
2 idsync.rlcdn.com revistaquem.globo.com
2 stags.bluekai.com 2 redirects
2 cocoon.globo.com s.glbimg.com
2 ads.rubiconproject.com tags.tiqcdn.com
ads.rubiconproject.com
2 cdn.navdmp.com tag.navdmp.com
2 www.google-analytics.com www.googletagmanager.com
revistaquem.globo.com
2 usr.navdmp.com tag.navdmp.com
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
2 tag.navdmp.com tags.tiqcdn.com
tag.navdmp.com
2 cdn.onesignal.com revistaquem.globo.com
cdn.onesignal.com
2 barra.globo.com revistaquem.globo.com
1 pixel-a.sitescout.com
1 api.rlcdn.com ads.pubmatic.com
1 i.w55c.net 1 redirects
1 id.rlcdn.com
1 onesignal.com cdn.onesignal.com
1 tg.socdm.com 1 redirects
1 ads.playground.xyz 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 rtb-csync.smartadserver.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pixel.quantserve.com 1 redirects
1 spl.zeotap.com 1 redirects
1 1f2e7.v.fwmrm.net 1 redirects
1 geo.moatads.com z.moatads.com
1 tsdtocl.com cdn.taboola.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 ads.yahoo.com eus.rubiconproject.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 sync.taboola.com am-match.taboola.com
1 29f33738099d8a2ba9033c0012e3fcbd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 aca576afd1bf443543c13a542593589f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 fec9fe8de1b879341a5e33774e1c28ef.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cd.navdmp.com revistaquem.globo.com
1 usergate.globo.com tags.tiqcdn.com
1 c2.piano.io cdn.tinypass.com
1 buy.tinypass.com cdn.tinypass.com
1 ads.vidoomy.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net ads.rubiconproject.com
1 cdn.tinypass.com experience.tinypass.com
1 experience.tinypass.com static.infoglobo.com.br
1 stats.g.doubleclick.net www.google-analytics.com
1 horizon.globo.com revistaquem.globo.com
1 vars.hotjar.com static.hotjar.com
1 ampcid.google.de www.google-analytics.com
1 ivccf.ivcbrasil.org.br revistaquem.globo.com
1 horizon-schemas.globo.com s3.glbimg.com
1 script.hotjar.com static.hotjar.com
1 ampcid.google.com www.google-analytics.com
1 gadasource.storage.googleapis.com revistaquem.globo.com
1 static.hotjar.com www.googletagmanager.com
1 c2.taboola.com revistaquem.globo.com
1 www.googletagmanager.com revistaquem.globo.com
1 www.npttech.com static.infoglobo.com.br
0 sync.tidaltv.com Failed
0 rbp.mxptint.net Failed
0 p.rfihub.com Failed
0 match.bnmla.com Failed ads.pubmatic.com
0 docker.creative-serving.com Failed ads.pubmatic.com
0 match.adsby.bidtheatre.com Failed ads.pubmatic.com
0 aud.pubmatic.com Failed ads.pubmatic.com
0 r.nexac.com Failed revistaquem.globo.com
908 213
Subject Issuer Validity Valid
revistaquem.globo.com
R3		 2022-03-29 -
2022-06-27		 3 months crt.sh
barra.globo.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-06-24 -
2022-06-24		 a year crt.sh
s3.glbimg.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-30 -
2022-05-30		 a year crt.sh
*.infoglobo.com.br
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-11-17 -
2022-11-17		 a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-21 -
2022-04-21		 3 months crt.sh
cdn.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-30 -
2022-12-29		 a year crt.sh
*.glbimg.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-06-06 -
2022-06-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.storage.googleapis.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-13 -
2022-07-12		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
horizon-schemas.globo.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-04-04 -
2023-04-04		 a year crt.sh
*.ivcbrasil.org.br
Amazon		 2021-06-30 -
2022-07-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
horizon.globo.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-11-11 -
2022-11-11		 a year crt.sh
*.piano.io
Sectigo RSA Domain Validation Secure Server CA		 2021-08-19 -
2022-09-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
cocoon.globo.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-10-15 -
2022-10-15		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-28 -
2023-04-28		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2021-08-06 -
2022-09-05		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2022-04-05 -
2023-04-04		 a year crt.sh
horizon-track.globo.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-11-11 -
2022-11-11		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
s3.amazonaws.com
Amazon		 2022-04-01 -
2023-03-30		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
ad.lkqd.net
R3		 2022-04-03 -
2022-07-02		 3 months crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
usergate.globo.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-08-28 -
2022-08-28		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-04-12		 a year crt.sh
*.a-mo.net
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-09 -
2022-07-14		 a year crt.sh
cdn.id5-sync.com
R3		 2022-04-13 -
2022-07-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.id5-sync.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.tremorhub.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
*.springserve.com
Amazon		 2022-03-31 -
2023-04-29		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
*.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-12 -
2023-02-12		 a year crt.sh
tsdtocl.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-05 -
2022-12-31		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-25 -
2022-06-25		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
truffle.bid
R3		 2022-01-17 -
2022-04-17		 3 months crt.sh
*.iprom.net
R3		 2022-03-24 -
2022-06-22		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.bfmio.com
Amazon		 2021-05-16 -
2022-06-14		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-11 -
2022-07-06		 6 months crt.sh
*.srv.stackadapt.com
Amazon		 2021-11-09 -
2022-12-07		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-12-21 -
2022-06-15		 6 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh

This page contains 151 frames:

Primary Page: https://revistaquem.globo.com/
Frame ID: 39244C94BA98E38AA3FFC54E81B9E0E9
Requests: 237 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: D488B003FA7D53FE640B14897D1AD5C8
Requests: 19 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Frame ID: 08D4AE8C3EB673296A9CFBDD42A6535F
Requests: 1 HTTP requests in this frame

Frame: https://nr-events.taboola.com/newsroom/1.0/editoraglobo-revistaquem/report-page-structure?page.url=https%3A%2F%2Frevistaquem.globo.com%2F&view.id=543910411116931719&page.template=home&page.dashboard=home&ui=12bd2ec2-7571-46a2-9c06-a8286215fc2b-tuct951039b
Frame ID: 68031D04FC96EC0C3B301BE4CECCDC48
Requests: 1 HTTP requests in this frame

Frame: https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CC4D92DE745FA8CD16C61AAE65FFC739
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 01C92F75702BC3482D350E47604A2D35
Requests: 19 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuombdSfqDq6Z4SQZEhJ1ZIMdMUqRU9BQUGlrlMQa78d1bCW8uIB_uaCMLmOztfzyNPqQTx2Y4EKCYnqMeXCsECMBtJRLYyBO9Ax3uL9-re87imu7i1_NntoKVgRUcgi8VuniLo3xE4NpxQW_gZBedVuI5M6uLuH9-vkOpvB4yeOyBf_w5wrRqI-2pDgpXQghGxwdk_u7_Fp02Pb6KsqvEy223NX5mDwWCtUCfe9RLlx76Q7o3wHEG-B4TCqJrpQwkeFuqO9e97w3G8B-gAB1UMZzlA_qTKcEcvJRef7m0vUFwHvzknRGx0enWEBTRqjI&sig=Cg0ArKJSzHK3-TqMz-KMEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: BA0C3A5575029B551D7A61FACD220DBC
Requests: 19 HTTP requests in this frame

Frame: https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 57F57DB08F8BEFB0A40C4A3BA17922E6
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCKe6JQxOuKZciPA0zOiDtRmHu2riOa6uI0YkebrJlV6ZxrRuc_rHNw5aB_rEGxW1OA5USBnRxJ3UfQjGNHM6Dk8eE2hNXurwREPyJg8fvc-cQcbGOtuEd7RXTzY0KbFPUz92GM9ahfSqMwHl2SluOy9qiFJLcaYQEDftTM75xKhZrb0JND7OupWcI0C9PVSWf4p6omMnHp8QUl6DN4ja1MrAW17BAw6LLl6Z9BzhXV1x-mJCaIt2KzCzk72CF4tZF6T0dYtdJJE-k5E5pmgpnbwK30zHOJnb5uG5hRAs80SwdfWRgdF-tPUqSkO9P-54&sig=Cg0ArKJSzEWsgnjv7_idEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: AC7B8BAA2B357AF06C7F940A4EC601AF
Requests: 34 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfclnmO4Pj9N0ZAbVvUvXBoMCtpCPnAHvO4soIA2dJ0G8KmYm_pzmNj94-nUeYuXE0vmaSB3_u2BomHreemug3fKLLj3e_s3M0gF-Y9AeejT22X2cpnSKlsAo5rLrbUOb3aiM7WkwR-yTTIHDN2ep6yrXVEevnc1G4pHHmHUtATKmkseSjEQc-jciv7eFYySrFLHUBVpbNmMdq4KtIsVJgtcvxLOMi64ZwI0byiFTSr1ZQAXgO4xScum8JOIliGmXGwJML6fPfdfTRC1zjLo3zvH7vFF_Vq0SeG0Uz1VrLw6TLA5SjSiqO7Wd8B3irC64&sig=Cg0ArKJSzN55mvKpSl2aEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 37CBE113CF2EB0BC53F648C03D8913EB
Requests: 33 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmV6bgtj-8s75GtznF2S8WEHwvKsCQgzmW2q0mFvrEl1VvQs_A2-0EH1KmVMECe2Ycx4_f2MyMv-3h5FhYJlSBf02xOfTiB98h05__FNX5FjQEdSqrYchPZ5qTLRkSSr9XuYNlVtVWtt-MWKe-mIXkBqqisvZjJOyYv94WyutXeHS2cH1gNXvJNui9cnE4Bvrrn9Lz7Gudt5FlbAZMlUSNtrlZCGF4y0b3lJoiXEGALi9BQGLOtLvcqfnl6vVv9Jr8pv3laa6BOLdjRbofwDvTOwxOrf1mm74RR5DNP8Xx4iyXKwCoUYWmMsv21WvhgrM&sig=Cg0ArKJSzHtzhXpVh1VhEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 344954D5AF507A5C45626DF434A153AC
Requests: 33 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: B799DABBE2A6D499F95C7867DC579ED8
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: F3A568BF845BAD73DA61342A386CCA3B
Requests: 2 HTTP requests in this frame

Frame: https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7D4DC87D895862831F2DBB5DA34E906A
Requests: 8 HTTP requests in this frame

Frame: https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0D34C8FB47C5AAD054FE7A32AC0A8006
Requests: 8 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 5F43DADFE979C82EC5A9388A6FE0AD91
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 95942CD5250AE3A5A9F2FB94C67E6DA4
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 756D9DCA76242E677BAB72C22CB172E4
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 47A6FA5F159AB187C167CBF53031789A
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 93B77E7068D7CE2687044C61F89A35A6
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/index.html
Frame ID: 3268479EC60EE872510C7964C31FF773
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/index.html
Frame ID: E54B5EB64F4C3B16590364AE90BC5FF3
Requests: 5 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 3807034D803CE691055CD1C5923B9C6C
Requests: 6 HTTP requests in this frame

Frame: https://fec9fe8de1b879341a5e33774e1c28ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 2263828D327F53BCD7F11B049519C6BC
Requests: 1 HTTP requests in this frame

Frame: https://aca576afd1bf443543c13a542593589f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 027A5C26AA3BC8FF4D3262C161C83A18
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66427505&crid=6168135&dast=V7aAgCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBuIHGzhcMDa7FWkwWq6Wg91utBgtJ6PlYjPbDWEDhwvGZrciDUbL1XKw220Wy-FiNFqMZqMpZAjL7PcdhHy3y_DwuQyiouttsTucZs8bPNB0Onyue73kZXt6Tg_H6-W268x-i9-u8bv9cgAAAAB4APDyOIL4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABIWIvRAIDiKBDLw-vyBwDAwwMIAIAABgmAQeZRCYCJYcMJAAAAAAAAAADL____f8xAvWaczID-9kUPwIMPwANRgXIRIwAAAIBsoEuio0mdUFlUAQAQpFsBXAEABACWEIdGhAEAAACIsYdG5--R5gqOLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKGqKPa0oANXCrVfQACAtV9AAAC2cQMAeBOACzkPNJ0On-teL3nZnp7Tw_F6ue06s9_it2v8br_oAmB1CrEbzga7yWK3mB0AAADA3f___z8ee2h0_h5prqAeyM08nsHG5DDtZqaJw2JbbQwL48Q28Zgmw91y49we_k-pvPDl505fhrDMft9ByHe7DA-fyyAqut4Wu8Np9txvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgMMCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJiYTEyWlcey1q12i7VotrCslRvDbK0wToazyWI181gmbtHrY3quFoPNcuJFwYCNvQgu0onK5DT9LQ-f2W_xuyUv29NzejheL7dFLNGcLNKJ7LLvzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3DcmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznPgbs9FyOVgMhqN9YzZaLgeLwXC07zCZnqnP2ej6m1MemeblOm4bNodB4TIYvT-JaTHtzg6i3-_otBmGyaLOKLx1j16DwnPwmCbKlFhn7cuExeRV4TgYFLFEcLpIJ0K_22URSyRPi3SiGk4Ws9Vu5PDNnIPJYjnxbQyj3WqyGQ02o4nLMRFLlKaLdKKXqP_YIIvdXDaaK1aLuWy4SgAAAAAAAAAAS5gzbwIAAABwGtBmMlqtlgsg8TepCwwCAAAAAACwe2oAW2KK9adf3PgxRpmcpr_l4TP7LX635GV7ek4Px-vltjKAhJso82bPBLFWq2UNAABAgA0AABDArZu3QNNKDg!&cmcv=&pix=undefined&cb=1649901087270&uv=3158&tms=1649901087270&abt=adh5c-1_vA!eidc_vB!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mtbw_vB!Noapp22_vB!pblc_vE!spa2_vB!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=88A137E40495907741492491367&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 2454B922DD83F188C830D1E860984885
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7aAgCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBuIHGzhcMDa7FWkwWq6Wg91utBgtJ6PlYjPbDWEDhwvGZrciDUbL1XKw220Wy-FiNFqMZqMpZAjL7PcdhHy3y_DwuQyiouttsTucZs8bPNB0Onyue73kZXt6Tg_H6-W268x-i9-u8bv9cgAAAAB4APDyOIL4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABIWIvRAIDiKBDLw-vyBwDAwwMIAIAABgmAQeZRCYCJYcMJAAAAAAAAAADL____f8xAvWaczID-9kUPwIMPwANRgXIRIwAAAIBsoEuio0mdUFlUAQAQpFsBXAEABACWEIdGhAEAAACIsYdG5--R5gqOLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKGqKPa0oANXCrVfQACAtV9AAAC2cQMAeBOACzkPNJ0On-teL3nZnp7Tw_F6ue06s9_it2v8br_oAmB1CrEbzga7yWK3mB0AAADA3f___z8ee2h0_h5prqAeyM08nsHG5DDtZqaJw2JbbQwL48Q28Zgmw91y49we_k-pvPDl505fhrDMft9ByHe7DA-fyyAqut4Wu8Np9txvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgMMCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJiYTEyWlcey1q12i7VotrCslRvDbK0wToazyWI181gmbtHrY3quFoPNcuJFwYCNvQgu0onK5DT9LQ-f2W_xuyUv29NzejheL7dFLNGcLNKJ7LLvzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3DcmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznPgbs9FyOVgMhqN9YzZaLgeLwXC07zCZnqnP2ej6m1MemeblOm4bNodB4TIYvT-JaTHtzg6i3-_otBmGyaLOKLx1j16DwnPwmCbKlFhn7cuExeRV4TgYFLFEcLpIJ0K_22URSyRPi3SiGk4Ws9Vu5PDNnIPJYjnxbQyj3WqyGQ02o4nLMRFLlKaLdKKXqP_YIIvdXDaaK1aLuWy4SgAAAAAAAAAAS5gzbwIAAABwGtBmMlqtlgsg8TepCwwCAAAAAACwe2oAW2KK9adf3PgxRpmcpr_l4TP7LX635GV7ek4Px-vltjKAhJso82bPBLFWq2UNAABAgA0AABDArZu3QNNKDg!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 90F03F78E63097F0FBC7EE96EF62FC2B
Requests: 4 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7ZKcCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBvQHG0ajcSjDEYOxGmxGi8lyuVjMloPdYrEbDkHDaDQOZThiMFaDzWgxWQ5nk9lgs9gNF1OIMJbLZFALJCyz33cQNHwuN3ig6XT4XPd6ycv29JwejtfLbdeZ_Ra_XeN3--UAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxWFwlofF7_sHAMDDAwgAgAAGCUAB72kJwMdZxQkAAAAAAAAAAMv___9_zAC93oIMgMh7Tg_Agw_AA1HBahEjAAAAgGygS6KjSZ1QWVQBABCkWwFcAQAEAJYQh1KEAQAAAIixh0bn75HmCo4t0MPi95sddo3f7TIAAAAAAAAAALP_s380oSoP3LQgnPphtV9AAIC1X0AAALZxAwB4E4ALOQ80nQ6f614vedmentPD8Xq57Tqz3-K3a_xuv-gCYHUKsRvOBrvJYreYHQAAAMDd____Px57aHT-HmmuoB7IzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3B7-T6m88OXnTt-EsMx-30HQ8LkM4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzEYDHAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNESYmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznHhRMGBjL4KLdKIyOU1_y8Nn9lv8bsnL9vScHo7Xy20RSzQni3Qiu-x7M49nsDE5TLuZaeKw2FYbw8I4sU08pslwt9w4943JxGRZeSxr3Wq3WItmC8tauTHM1grjZDibLFYzj2XiFr0-pudqMdgsJ_7GbLRcDhaD4WjfmI2Wy8FiMBztO0ymZ-pzNrr-5pRHpnm5jtuGzWFQuAxG709iWky7s4Po9zs6bYZhsqgzCm_do9eg8Bw8pokyJdZZ-zJhMXlVOA4GRSwRnC7SidDvdlnEEsnTIp0oDKuRy7PbTGyThcc4Wjgmw9Vo4VgMR7OZb-ZZTcQSpekinegl6j82yGI3l43mitViLhuuEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_E3qAoMAAAAAAADsnhrAlphi_ekXN36MUSan6W95-Mx-i98tedmentPD8Xq5rQwg4SbKvNkzQazValkDAAAQYAMAAARw6-Yt0LSSAw!&cmcv=&pix=undefined&cb=1649901087292&uv=3158&tms=1649901087292&abt=adh5c-1_vA!eidc_vB!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mtbw_vB!Noapp22_vB!pblc_vE!spa2_vB!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=FFFC28DA1503412991169071178&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: BAB84488CD81695154A623045CEC84C4
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7ZKcCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBvQHG0ajcSjDEYOxGmxGi8lyuVjMloPdYrEbDkHDaDQOZThiMFaDzWgxWQ5nk9lgs9gNF1OIMJbLZFALJCyz33cQNHwuN3ig6XT4XPd6ycv29JwejtfLbdeZ_Ra_XeN3--UAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxWFwlofF7_sHAMDDAwgAgAAGCUAB72kJwMdZxQkAAAAAAAAAAMv___9_zAC93oIMgMh7Tg_Agw_AA1HBahEjAAAAgGygS6KjSZ1QWVQBABCkWwFcAQAEAJYQh1KEAQAAAIixh0bn75HmCo4t0MPi95sddo3f7TIAAAAAAAAAALP_s380oSoP3LQgnPphtV9AAIC1X0AAALZxAwB4E4ALOQ80nQ6f614vedmentPD8Xq57Tqz3-K3a_xuv-gCYHUKsRvOBrvJYreYHQAAAMDd____Px57aHT-HmmuoB7IzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3B7-T6m88OXnTt-EsMx-30HQ8LkM4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzEYDHAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNESYmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznHhRMGBjL4KLdKIyOU1_y8Nn9lv8bsnL9vScHo7Xy20RSzQni3Qiu-x7M49nsDE5TLuZaeKw2FYbw8I4sU08pslwt9w4943JxGRZeSxr3Wq3WItmC8tauTHM1grjZDibLFYzj2XiFr0-pudqMdgsJ_7GbLRcDhaD4WjfmI2Wy8FiMBztO0ymZ-pzNrr-5pRHpnm5jtuGzWFQuAxG709iWky7s4Po9zs6bYZhsqgzCm_do9eg8Bw8pokyJdZZ-zJhMXlVOA4GRSwRnC7SidDvdlnEEsnTIp0oDKuRy7PbTGyThcc4Wjgmw9Vo4VgMR7OZb-ZZTcQSpekinegl6j82yGI3l43mitViLhuuEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_E3qAoMAAAAAAADsnhrAlphi_ekXN36MUSan6W95-Mx-i98tedmentPD8Xq5rQwg4SbKvNkzQazValkDAAAQYAMAAARw6-Yt0LSSAw!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 6FE7C433534149EC908A8B0411BB19BE
Requests: 6 HTTP requests in this frame

Frame: https://29f33738099d8a2ba9033c0012e3fcbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 54D884FCBBA41868D3240FAB7D1BF52C
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: ED86227D18C82F9FB15D438888DF7B5D
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssb9agaF0STEbD9Yz0k-J5R6sbi88cvNmylPQeckcMVefKRR821gHsHtA82ymJuZJ9yEgD9yCklCzyyKpfgUr7BLi01eyrVLY3tu_5Rl9_kQqkcsL86wdv9baMCcBQ7w8fY67NRDVCE6XqxseG-f4-Bx2XhDq_4km6EasEODE_ys5b45_BGZ-e3kcaXHFJG3NMUyfGtwxX5NtfLk2wEQBbbJVvbhjUpWDGjaxi__iRbkVyBw50q6wXWM-BAEGKOad8vo2VLYedgq5UzWeExv6-DBYqPDxaios3Zhg5KLnilp1N-CSFg5DgxqWHk2IYtc9JExCqx5a5-i3S6GT7MX3CYZjKkA2VVTDBg5QnI&sig=Cg0ArKJSzCEhITAn81ECEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 5CF3FCC8F012C19D5C05A2FF99F6ABC3
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Frame ID: 152789C37B9B6D1C8CFC33C7AEC03A0D
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzrO9osRffs8rDIUlb7-K_3xXTQnfjojD_b8MshCHStAc257ijNUhylJBb-FV3FXsmKdu5G6o7I5bQIGbdy8vZxZRYqQnbs3tsxe7yFPHTS03fkVZHfzOg0HbWLrMWpQq-q-IulK7FCls9LNE0NPAwVNbdBWYOvb3mrwjKTiQxHDjqKajrv_SgS51qsotKtPRPetDRSetMNuwxarYYeQcJ8yosPpSh_0CQ4ypc8iMYFsZOJnC1vNxd-wX8npFQeUop9wPs4Xe8403jBS2Vuz88wX-rmnUTeNqc5PZRRL4zLCEkd8ciISKtxnZgDjT8VpdSJW5WA6KzzXm_39ezDfmmzz_EEYEVDBi6jd4&sig=Cg0ArKJSzPAEUpjtvoVUEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 72460F9317B84B0445EBD63CD55EE1B3
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Frame ID: 4D3C97F4B4EAA1D3BF13200FE028BF6E
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8790&pub_id=1980867
Frame ID: 12D87B4387EBBF94C4A432F93F7BBCEA
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8790&pub_id=1980867
Frame ID: 2BA7D7F8152F1AAA2F7469CB67E87AF7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7F833F45E9CE0C4277CA95FE4814A994
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ADEE8B29A16E823924B55DEDF7FCF65A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3CD468B4D748862573CDB60DE3413D32
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6EAF8800611CFED9CFDC7FDBEBBA2BE4
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4I4Wg4-HH1UeMt2VJI6V7R0bqJVmQWXDOn4Z0xwO4AO2RcS7wmiKrSF6WEUKSZdIN5ncdTlIv2pZH1U5YiybO5Xg_SnvtMBfGMATtv00HOIvQ3aACXSkgqm6DinyJoZjsel5i1Emh94oABHWKyvb1Hxwdg_0HR9wMME6BuADFNPsQxdIKV9w8Jae1B-_yAu9Gt4wJ9VLaw7nB6I6A0VEYbIO0Sdx8FPrNMdkT_1FxY9RV5bw4fAKlnkTstk8UCKZu1PbP67rB6bX8X0fP5mTVjoH117PFxFZyiwFOj1UuGSFUcVY6pccrzECIkWVv5Sdq6b3q0StgY3Synrbk1jqEnsSbt4SMiWdC8nc&sig=Cg0ArKJSzNqFhZPVPDnoEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F2727F38C3A26E4F83E19DF0BE6779A3
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Frame ID: A39AA7D41763CA78AD64B30961973DE0
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4B956E4FC6B7B65D380320D2B074BBB3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D950B69AA9CF121F26BA941168C05851
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 22C449F0C57F658DDDFF251B0DC7ABA0
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8790&pub_id=1980867
Frame ID: 0CD0141EECBBDBEBB33F75F8E31C9E98
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7aAgCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBuIHGzhcMDa7FWkwWq6Wg91utBgtJ6PlYjPbDWEDhwvGZrciDUbL1XKw220Wy-FiNFqMZqMpZAjL7PcdhHy3y_DwuQyiouttsTucZs8bPNB0Onyue73kZXt6Tg_H6-W268x-i9-u8bv9cgAAAAB4APDyOIL4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABIWIvRAIDiKBDLw-vyBwDAwwMIAIAABgmAQeZRCYCJYcMJAAAAAAAAAADL____f8xAvWaczID-9kUPwIMPwANRgXIRIwAAAIBsoEuio0mdUFlUAQAQpFsBXAEABACWEIdGhAEAAACIsYdG5--R5gqOLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKGqKPa0oANXCrVfQACAtV9AAAC2cQMAeBOACzkPNJ0On-teL3nZnp7Tw_F6ue06s9_it2v8br_oAmB1CrEbzga7yWK3mB0AAADA3f___z8ee2h0_h5prqAeyM08nsHG5DDtZqaJw2JbbQwL48Q28Zgmw91y49we_k-pvPDl505fhrDMft9ByHe7DA-fyyAqut4Wu8Np9txvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgMMCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJiYTEyWlcey1q12i7VotrCslRvDbK0wToazyWI181gmbtHrY3quFoPNcuJFwYCNvQgu0onK5DT9LQ-f2W_xuyUv29NzejheL7dFLNGcLNKJ7LLvzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3DcmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznPgbs9FyOVgMhqN9YzZaLgeLwXC07zCZnqnP2ej6m1MemeblOm4bNodB4TIYvT-JaTHtzg6i3-_otBmGyaLOKLx1j16DwnPwmCbKlFhn7cuExeRV4TgYFLFEcLpIJ0K_22URSyRPi3SiGk4Ws9Vu5PDNnIPJYjnxbQyj3WqyGQ02o4nLMRFLlKaLdKKXqP_YIIvdXDaaK1aLuWy4SgAAAAAAAAAAS5gzbwIAAABwGtBmMlqtlgsg8TepCwwCAAAAAACwe2oAW2KK9adf3PgxRpmcpr_l4TP7LX635GV7ek4Px-vltjKAhJso82bPBLFWq2UNAABAgA0AABDArZu3QNNKDg!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 8E62BD298C9AD2D332E4C0BC1FE7A410
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Frame ID: 48F2BF04AB910CCACAFF9973801C37EC
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 4A50225657BD8D4653F18A98E5DD5EC3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8D077AB2639934575EF4B6829D1DA8BD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 74C7ABAB283086D3B261F6433FB640C4
Requests: 2 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 91B2154D2DAACABF40B15E5E1231D3C2
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Frame ID: D541EE7C187128731498D772A87E10D7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Frame ID: 2F3D9B2F2C4ADCF9B3CA15CE9F16A621
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Frame ID: 34D74ACF8052E087DA1083124F962679
Requests: 3 HTTP requests in this frame

Frame: https://tsdtocl.com/
Frame ID: 59D5E82AFE316C40EA3A27436F3BCFB6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Frame ID: 6098850383918814224C0F2DBE61DD33
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5BE7FDA5CAD5269FDF64A0030403FE6B
Requests: 12 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34
Frame ID: F629EC6DEC0F8589676C0D29D93CA371
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:18576257-7e1d-4600-b186-4b87cea796dd&gdpr=0&gdpr_consent=
Frame ID: 4A112670A233BEF9FFBB53708954678D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1930816772207440750
Frame ID: 187894A2094A9A67B8A2685D943E5A7B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 7B753F8617A7131D7D883CEB8E6E0D74
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Frame ID: 142372E7655776863DCB959B9CD85D3D
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7281C5D8E29225DC885E99267542A9E7
Requests: 12 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7086271214606547085
Frame ID: ADE55870F4253DBD44B1E231100001B9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yld_IAABzu1TdQAZ&gdpr=0&gdpr_consent=&_test=Yld_IAABzu1TdQAZ
Frame ID: 01DF9599E51458730ACE4EC4C72BFE5E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 38EF6905174601EA79CB87307A8BECA8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pQHog5hZRXJyywhxFGiggdlAl0Q
Frame ID: D7C646B4D887CA89571BB4C64286407E
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=revistaquem.globo.com
Frame ID: 1F9D183627C0EDE298094437CF7ED196
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7B056DE332712A77A5734CADEB149BD3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9D6378A4DF73348B7238B8E15B689B6F
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Frame ID: EA21044A02E6B920B7779D7066CF5650
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8B4C215D2DAC11FE5CBC872E5B82A359
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6D05FAC593774210EB607AA6DBE1D9E2
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 781FB3960305AADAE54500A7042D6F1E
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Frame ID: 930FAB99ABAEE4AED14756CE0CC18F2D
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4D5DF394F1CC986FBE2A32EA126AC3CF
Requests: 6 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGF807ErvwAADYzwFHJ6A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: 0042BBFB53AECFEB3674F1A0A23AF1FC
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 9BFA05130F827234EF161AC0498F62C2
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 3A5AF02FD635512523EF6C43878E7DF8
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 52EA0553DF511847E3835FC11D187626
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 9AEBB07428F9364AA31DE556DBF8B92F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JagRQSWgQaUTShTQa
Frame ID: BF2DCD093FFB9063FB1257DA32DAA8EA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: 7CED473CFB6EF1DDCC7310029FC41210
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=468d1dc8-8053-416c-81ba-ff2b168f0973-tuct95103a1&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: E27931B307FBFDE55EDC5C6AE9823D32
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Frame ID: B3F295BFB383F2F1C587D059CC4A5F9D
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F24B86F1645E98ABB0525EDB6147B03C
Requests: 4 HTTP requests in this frame

Frame: https://docker.creative-serving.com/cm?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=${UUID}
Frame ID: 72BFF80587757A5D6B0E76228E8A1722
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 749F4F7DE9D835E352AF0CD143A72106
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:N1yNz4lE1NEODS5&gdpr=0&gdpr_consent=
Frame ID: E2F63A5DE7C58D3390A1CD7FF3E0DB47
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?dspid=6&uuid=A3BDC2EA93AF4364963906C238B29D73
Frame ID: 0F5AD5A60BDB211825FFBDE82C58F33A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A3BDC2EA93AF4364963906C238B29D73
Frame ID: 2425ACAB7AE4A8701658E8AA2A7E0F1B
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Frame ID: 827CA362F6AD46B4921403E21E90D9C4
Requests: 7 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Frame ID: 1FA2EE3C2142505DCCCA12F2AD0E5FE0
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6DD12993440B2A0C2ED1648A1C009A90
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Frame ID: 7B4BAA77629F8537295D369A39BF99E5
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6463F482686DA12920CA3FAACC58A0B8
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 4174448D8532D5C209BEFFCCD9AEE692
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 1970025F3959647295C29611DF95C37E
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 38AE863E8D50B4761168E53E93FA2027
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Frame ID: 6CB380C97507B014B065828AE0D803D6
Requests: 22 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 51DE6029AF89F6A06048118C0556DBE7
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Frame ID: 1EA63C99F9F296D880CF437A29A5C824
Requests: 16 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Frame ID: 5A59C3627F4357F14836DC615F5C5E91
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Frame ID: 02B57EE3ACF845E10DB8F0B5B7E1ED17
Requests: 3 HTTP requests in this frame

Frame: https://sync.springserve.com/usersync?aid=1000010&gdpr=1&gdpr_consent=&us_privacy=&uuid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34
Frame ID: DE50429DE21D36C4A0015DBB535B5497
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=18576257-7e1d-4600-b186-4b87cea796dd&gdpr=1&gdpr_consent=
Frame ID: AFD8EA18E4692F090C3BEB3A7467CA5F
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
Frame ID: A9B385DE7A839AD1628855BCD0860296
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80YzkxZWUxNy00MTZiLTRhZmUtODNlNC05MjI0NTU4M2FjYTU=&gdpr=1&gdpr_consent=
Frame ID: 559F72D3BE8BF4F88406F867F16C3606
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Frame ID: C6E19FC9842EA56F0F0CAEFFB32BA996
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 6BE8A1DF006D86398262BA7CE03FE98A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 8F03A6F6E5EA2EE9E40EEB70F827A318
Requests: 3 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=1&gdpr_consent=
Frame ID: C04A4D0779EA2289E097B305C11824E3
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=Yld.JsCo8X0AAOJfg40AAAAA
Frame ID: C8EED0F6EA95F167398FC0FF6FA0BD63
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=8opCbLz1Th8XQmx5u6rL&pi=gumgum&tc=1
Frame ID: 569D2D2E05A0645CCE313DBE8F3729D3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 89B9B54EBA76E0C7F8C0F2162E64F54C
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34
Frame ID: 53480C45F5A3FCA7DAEDE51DF981A33F
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Frame ID: D41DFC5C364096058AB78D77B7C4D3CD
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 2677CBE3191F9F0580514F1D14DD2A25
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Frame ID: 9EBFE81290FDADC637E98CEBF9AAA701
Requests: 22 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 618CB06FF68994AC37774BF23C3CB115
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Frame ID: 1A98F39249202111589146E202F7B320
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Frame ID: 7101F6423E7195CE8E97B086E1372F1B
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Frame ID: 8354F274EEA4A16D4738F8BA372289D2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1B509FAE4EF2BCED407163B3ADE1A51C
Requests: 1 HTTP requests in this frame

Frame: https://sync.springserve.com/usersync?aid=1000010&gdpr=1&gdpr_consent=&us_privacy=&uuid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34
Frame ID: 19BFBA9357EFDE34187ADEC57070CF16
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
Frame ID: 13D417494351F94D4D49146CD7E5691F
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80YzkxZWUxNy00MTZiLTRhZmUtODNlNC05MjI0NTU4M2FjYTU=&gdpr=1&gdpr_consent=
Frame ID: A735BB9E5F1AD8337610726C3DACE5AA
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: F8DA52B177418447DCA8C022FD65EDBF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 696A18783E99AB83C7B30F00F3A67717
Requests: 10 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=1&gdpr_consent=
Frame ID: 314C62B81A664B62C0217992918218CE
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Frame ID: 8318F718BF7C3505D1523081FE1D6187
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: D6884989D1A4BBCB286B385975BC7A89
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Frame ID: 99232F10485A9B10163DCCB1F0624A63
Requests: 5 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Frame ID: 00F8ABDE0D34F2061BDAE1C4824EC107
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7495AEDCFD57CC11A3ED05221F896139
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C173%2C251%2C175%2C178%2C157%2C3018%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C117%2C337%2C338%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: E9C54CB5C948127DE1C137D0447A3149
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5BFF09CF412D525E9D8E4079CAD8DD3E
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1AE11D62635C212FF141CA57A2ECC33C
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Frame ID: C7EA5B14A0D8AFD6A7AD3EAD7858E1BB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Frame ID: AF179B97866B103A4E9716209F12D4B0
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C173%2C251%2C175%2C178%2C157%2C3018%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C117%2C337%2C338%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: B99CC541836EBD4F2D154A1AE7F2959D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 82CB85A066C9203AA7061BC7C80ED12C
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9EB0BD0420313179F4075E5813952185
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Frame ID: 114599891AF71B0D5438C1257280C47C
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B597ADB4644E8E477300940D68E1D700
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 70AB82752E875F551EEB66425EDC399A
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Frame ID: CA716EB0D693C3321244573542345BF9
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C173%2C251%2C175%2C178%2C157%2C3018%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C117%2C337%2C338%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: A019FC3F8483F5A884ED8FEE4972AA7C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9F02AC52A53A1B0DDDF68A1191A84436
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

QUEM - Fotos, notícias, comportamento e flagras dos famosos e celebridades

Page URL History Show full URLs

  1. http://revistaquem.globo.com/ HTTP 301
    https://revistaquem.globo.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

908
Requests

85 %
HTTPS

21 %
IPv6

109
Domains

213
Subdomains

139
IPs

13
Countries

11203 kB
Transfer

32724 kB
Size

152
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://revistaquem.globo.com/ HTTP 301
    https://revistaquem.globo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1649901084868&ns_c=UTF-8&cv=3.5&c8=QUEM%20-%20Fotos%2C%20not%C3%ADcias%2C%20comportamento%20e%20flagras%20dos%20famosos%20e%20celebridades&c7=https%3A%2F%2Frevistaquem.globo.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1649901084868&ns_c=UTF-8&cv=3.5&c8=QUEM%20-%20Fotos%2C%20not%C3%ADcias%2C%20comportamento%20e%20flagras%20dos%20famosos%20e%20celebridades&c7=https%3A%2F%2Frevistaquem.globo.com%2F&c9=
Request Chain 73
  • https://sb.scorecardresearch.com/c2/6035227/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 98
  • https://revistaquem.globo.com/one-signal/definition HTTP 301
  • https://revistaquem.globo.com/one-signal/definition/
Request Chain 114
  • https://usermatch.krxd.net/um/v2?partner=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3h1d1V1RG0 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM_IfDxf-6g8Me0hMOJoOE8&google_cver=1
Request Chain 115
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3h1d1V1RG0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=T3h1d1V1RG0&google_tc= HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJkn2ej7MocwjSFEDDW4qCU&google_cver=1
Request Chain 116
  • https://stags.bluekai.com/site/26357?id=OxuwUuDm&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOxuwUuDm%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?_kuid=OxuwUuDm&partner=bluekai&bk_uuid=$_BK_UUID
Request Chain 117
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://gum.criteo.com/sync?s=1&c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=uLrOQwf3jZ61m4tbl-GgQWCN1ELkYCUr
Request Chain 119
  • https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=OxuwUuDm&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=OxuwUuDm&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=36295262786344900703919546269068142132
Request Chain 120
  • https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fadnxs_uid%3D%24UID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?adnxs_uid=7704152931637928568
Request Chain 121
  • https://ib.adnxs.com/mapuid?member_id=1780&user=OxuwUuDm HTTP 307
  • https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember_id%3D1780%26user%3DOxuwUuDm
Request Chain 124
  • https://usermatch.krxd.net/um/v2?partner=sitescout HTTP 302
  • https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OxuwUuDm&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID
Request Chain 125
  • https://usermatch.krxd.net/um/v2?partner=verizon HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=OxuwUuDm HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-FqJgcg9E2pt92P_OajUg4rmAKWDFvhtm7g--~A
Request Chain 126
  • https://usermatch.krxd.net/um/v2?partner=navegg HTTP 302
  • https://sync.navdmp.com/sync?prtid=30&salid=OxuwUuDm
Request Chain 127
  • https://sync.1rx.io/usersync/krux/OxuwUuDm?dspret=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync/krux/OxuwUuDm?zcc=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D&cb=1649901084343 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=OPTOUT
Request Chain 221
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=991735043.23243961384580477.30035985 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=991735043.23243961384580477.30035985 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3Dae2436b0-25be-4e8b-b9da-ccf85b963cc3&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=18576257-7e1d-4600-b186-4b87cea796dd&expires=30&ssp=vidoomy&bsw_param=ae2436b0-25be-4e8b-b9da-ccf85b963cc3&gdpr=&gdpr_consent= HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=ae2436b0-25be-4e8b-b9da-ccf85b963cc3
Request Chain 222
  • https://ups.analytics.yahoo.com/ups/58610/occ HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-HkQM96pE2uEb2CP2v2EBLNVoQRONXBw1X8QuSWY-~A
Request Chain 230
  • https://ad.doubleclick.net/ddm/trackimpj/N1659021.3744027DISPLAY-TABOOLA/B27523155.332286467;dc_trk_aid=524524303;dc_trk_cid=168638645;ord=2022-04-14+01%3A51%3A24;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?;dc_ref=revistaquem.globo.com HTTP 302
  • https://ad.doubleclick.net/ddm/trackimpj/N1659021.3744027DISPLAY-TABOOLA/B27523155.332286467;dc_pre=CNX018C4kvcCFUT4dwodJ4sOFg;dc_trk_aid=524524303;dc_trk_cid=168638645;ord=2022-04-14+01%3A51%3A24;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?;dc_ref=revistaquem.globo.com
Request Chain 253
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Frevistaquem.globo.com%2F&domain=revistaquem.globo.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=bGLhAnxaa1E2M2ZPWmc4ekkrVVJDWkxtV0U1R2JRdSsyQmZ1RHk2SGprS3F3RHdIYldDUStycUNidE9PWGY5Z0E3ZnJCRXZFM0s0eWIrVkVENDJXQmtnaDRRK0FHeHlDTjFXN0liV2lsMzlUWjMydE9TcisrTXFad3RiazhIWktNUkQvSjVWZDJVM1Q4Vy9CeWVvUkQzUzIwZ3FsbVNnVkd1NUE3OE5VUnJubmJENS9EUVozdU5YcklySDlFSlhkdUdxWWYzOEFWOVplb04xNjlnNWJkZzR4TTdYTlkybUtNTHpXRmc1elhrb1NvamlLZDZ0VzV2TlMwRGN6VUExTFpJamlNOTRFMVY4YlBITDFWL0ZlZ3RxcnZ3UnB5OGJNWHZNUTdnYkJqZVhPa25iYz18&cppv=2
Request Chain 261
  • https://usermatch.krxd.net/um/v2?partner=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3h1d1V1RG0 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEED_ak9lKgq3ZMhKQEPhxrQ&google_cver=1
Request Chain 262
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3h1d1V1RG0 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEED_ak9lKgq3ZMhKQEPhxrQ&google_cver=1
Request Chain 263
  • https://stags.bluekai.com/site/26357?id=OxuwUuDm&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOxuwUuDm%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?_kuid=OxuwUuDm&partner=bluekai&bk_uuid=$_BK_UUID
Request Chain 264
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=iKwPB-q1hVtLaSu8q2g9cqQnlxUUNzZv
Request Chain 268
  • https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=OxuwUuDm&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=36295262786344900703919546269068142132
Request Chain 270
  • https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID HTTP 302
  • https://beacon.krxd.net/usermatch.gif?adnxs_uid=7704152931637928568
Request Chain 272
  • https://token.rubiconproject.com/token?pid=27384&puid=krux_id&gdpr=0 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=rubicon&partner_uid=L1YCI8FD-1G-5SWN&gdpr=0
Request Chain 273
  • https://usermatch.krxd.net/um/v2?partner=sitescout HTTP 302
  • https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OxuwUuDm&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID
Request Chain 274
  • https://usermatch.krxd.net/um/v2?partner=verizon HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=OxuwUuDm HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-FqJgcg9E2pt92P_OajUg4rmAKWDFvhtm7g--~A
Request Chain 275
  • https://usermatch.krxd.net/um/v2?partner=navegg HTTP 302
  • https://sync.navdmp.com/sync?prtid=30&salid=OxuwUuDm
Request Chain 276
  • https://sync.1rx.io/usersync/krux/OxuwUuDm?dspret=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync/krux/OxuwUuDm?zcc=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D&cb=1649901085203 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=OPTOUT
Request Chain 279
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Frevistaquem.globo.com%2F&domain=revistaquem.globo.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=ITdpU3xaazRQcURlMnZjUnVuaFVDbUpqeHc4YlVBR1paemhyZEdDbU82d2tXRFQyUC9QYnpmeW9JMGFUQlNaRllmVG0wZU9QNkpiOUZUT1YzZUYwK1phN3dPV1dBSHdrMHRHcVdKZVFhbnN3dDVPMldKMnMyRlg1RlZWeXVDRk5ScGpLcm1ObjI4M1FtWStjQ3Y4NHB2SS9Wa0gxZW9pYlIvOEQ5cnU0TVVxbVlrbk1LU0ZGcjJlUnQ4bHFkbWtEekpKMS9XWlUxZVpTSFBGcVp1K1F5aGgrWXo0MW5aNHhVU1MzR1VxUDI4bDJxOFM5MzVZZXp2Vm1GZGVHZjB2NjY3Q1J1Ym5rT2tQRktBYVc4YTRIRlRET00wMXMrZGloZWtYQVpKd2czaFNjNEswUT18&cppv=2
Request Chain 288
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Frevistaquem.globo.com%2F&domain=revistaquem.globo.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=5F9LynxYbSt4NnlnWWxJd0YvOTNySUd3QUNxeDFzVi9nQW45czliTUhjcFc4eTlNU0NDNlVTYnpIMlBybzZtVCtrOFlrR2JUdTB6MGI5TDRwL1E1eW5EeG43Ymc0V3BKTHc3aVk3STIycUppSHIxR1JVSGY1SG9DNkQ4N01RV2VydUJPaHZHSlhMUmlhRjZuWUdIVnJNcWszQTNXakRnYWNUZzFzdGx4Q2pMZTBEVjBTby9JRTA2WUN1dHEvNEpjcUpHNHV5cHd2d0MwVE84RDhsZ0ZxQzVDM08zbnJZMnUyeUdhb1czd0EzSEdzbWN6OFV3UGxINFhGcHN6Z21HQloyUlFhSlBNZnRkZHRiQzB4Snh6ZzljdGo2a0hZQ0drRm4zTzkrZFM2NlFINS9EYz18&cppv=2
Request Chain 320
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3811ca64-63de-4fcc-bcba-019a105eea71
Request Chain 323
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7896357961865025998
Request Chain 324
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=T6o7723FQLtO2D-jnK6nwNlAl0Q
Request Chain 327
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=d0ea4b24-3280-4893-8338-09bc7e28694d
Request Chain 330
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3861132695741061582
Request Chain 331
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=pQHog5hZRXJyywhxFGiggdlAl0Q
Request Chain 375
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=64f26e8a-bb95-11ec-9cdd-1669d4c90306 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=64f7e13e-bb95-11ec-9ac0-1189f5600506&orig=video&us_privacy=1---gdpr=1&
Request Chain 378
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=64f277a3-bb95-11ec-b949-162d46060306 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=64f7e13e-bb95-11ec-9ac0-1189f5600506&orig=video&us_privacy=1---gdpr=1&
Request Chain 388
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=64f7e6e7-bb95-11ec-83b6-19da87bf0306 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=64f7e13e-bb95-11ec-9ac0-1189f5600506&orig=video&us_privacy=1---gdpr=1&
Request Chain 390
  • https://ups.analytics.yahoo.com/ups/58534/occ HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-HkQM96pE2uEb2CP2v2EBLNVoQRONXBw1X8QuSWY-~A
Request Chain 393
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=64f7e18f-bb95-11ec-9ac0-1189f5600506 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=64f7e13e-bb95-11ec-9ac0-1189f5600506&orig=video&us_privacy=1---gdpr=1&
Request Chain 405
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=23d61c55-3801-422a-89df-cf38add6a977
Request Chain 408
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7896357961865025998
Request Chain 409
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=pQHog5hZRXJyywhxFGiggdlAl0Q
Request Chain 464
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 503
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=64f7e13e-bb95-11ec-9ac0-1189f5600506&orig=video&us_privacy=1---gdpr=1&
Request Chain 531
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1--- HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Request Chain 532
  • https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1YCI8FD-1G-5SWN&gdpr=1&us_privacy=1---
Request Chain 533
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGQxZDQ1ZmExOTEwNGI4YWFiZWIyMjZjM2EzMDIzYWRjYTgwODliNA&gdpr=1&us_privacy=1---
Request Chain 534
  • https://token.rubiconproject.com/token?pid=26594&gdpr=1&us_privacy=1--- HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1YCI8FD-1G-5SWN&sigv=1&esig=2~83c93ace3e92697b8a33fe309a99144f306c4668&gdpr=1&us_privacy=1---
Request Chain 535
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/yhxfMXlD_zf4McEzGgl0Fcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1984157158644672342
Request Chain 536
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFZQ0k4RkQtMUctNVNXTg==&gdpr=1&us_privacy=1---
Request Chain 538
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEPahVA6cIjG4Q9Mc2bkpvgI&google_cver=1
Request Chain 551
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 553
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 565
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 574
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=fb34cb2417d25acb7244d935c25498b5&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l04bc_7086271210300826826 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=f05f460c-7c71-4add-85b4-6d93ed1e951a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZmIzNGNiMjQxN2QyNWFjYjcyNDRkOTM1YzI1NDk4YjU=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEIHeP4G9b2LIlWyZfkN2b-I&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAGF807ErvwAADYzwFHJ6A&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/fb34cb2417d25acb7244d935c25498b5?gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Pgjvf3VE2oObjA2uh.vd68ZR0oXyxvU_cDJHcUOb~A HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=N1yNz4lE1NEODS5 HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
Request Chain 584
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmIzNGNiMjQxN2QyNWFjYjcyNDRkOTM1YzI1NDk4YjU=&gdpr=0&gdpr_consent=
Request Chain 585
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=fb34cb2417d25acb7244d935c25498b5&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 589
  • https://c1.adform.net/serving/cookie/match?party=14&cid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34
Request Chain 590
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:18576257-7e1d-4600-b186-4b87cea796dd&gdpr=0&gdpr_consent=
Request Chain 591
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1930816772207440750
Request Chain 592
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 593
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IzvFZxzWQtSthbs_7qs_NA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 594
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=18576257-7e1d-4600-b186-4b87cea796dd
Request Chain 595
  • https://pixel.onaudience.com/?partner=214&mapped=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=f05f460c-7c71-4add-85b4-6d93ed1e951a&icm HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=0a9d84ad0678b7d0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7106cd9a-55e4-49e9-658d-7d6185393dbc&reqId=e038743a-c865-4fd9-5b41-0b740e364cf2&zcluid=0a9d84ad0678b7d0&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEHQjcpmneLwRTp4Zub-tNs0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7106cd9a-55e4-49e9-658d-7d6185393dbc&reqId=e038743a-c865-4fd9-5b41-0b740e364cf2&zcluid=0a9d84ad0678b7d0&zdid=1332
Request Chain 596
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjMzQkM1NjctMUNENi00MkQ0LUFEODUtQkIzRkVFQUIzRjM0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 597
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECdud4czLbAMfH9PpG3WhCc&google_cver=1
Request Chain 599
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5532520119658720114
Request Chain 600
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f05f460c-7c71-4add-85b4-6d93ed1e951a
Request Chain 601
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7704152931637928568&gdpr=0&gdpr_consent=
Request Chain 602
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gDwnwIFrIMebOnbEgWo_ltc-dsabOifAhDlvimPL
Request Chain 612
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7086271214606547085
Request Chain 613
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Yld_IAABzu1TdQAZ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yld_IAABzu1TdQAZ&gdpr=0&gdpr_consent=&_test=Yld_IAABzu1TdQAZ
Request Chain 614
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 615
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pQHog5hZRXJyywhxFGiggdlAl0Q
Request Chain 616
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34&addseg=19,36,42
Request Chain 617
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 619
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34 HTTP 302
  • https://a.audrte.com/p
Request Chain 621
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0oCT3bxE2uX.HjC2tNPdWKQMokyMH.Q-~A&gdpr=0&gdpr_consent=
Request Chain 622
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://px.adhigh.net/p/cm/bsw?u=ae2436b0-25be-4e8b-b9da-ccf85b963cc3&bidswitch_ssp_id=pubmatic HTTP 302
  • https://px.adhigh.net/p/cm/bsw?u=ae2436b0-25be-4e8b-b9da-ccf85b963cc3&bidswitch_ssp_id=pubmatic&bounced=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=9&user_id=ummzOeRHQ8b.AikABlGAJcSwgQ&expires=30&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ae2436b0-25be-4e8b-b9da-ccf85b963cc3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 624
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7896357961865025998&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 633
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=globo.com&sn=ChromeSyncframe&so=3&topUrl=revistaquem.globo.com&bundle=g2eEA19CSU8zZElGOXlaRXkzSWFOR25XajFmZzA4RzlnRThpMWZEaFdsMjdZZ0RaT1V2VURNaEEzZ1QlMkJuQWxzelVNa0VTc1hIQlVJMFVReEZCOUhlR0dtS3BqdjFZcjNXTFpQelF2YXZQd2ExVDdiMzloUzVKZWViNk5MYzFKNEl3M0gzTFlheVZIU1c4TlNmMWF1T1g4NTdTZyUzRCUzRA&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=6mogNnxhMWlXRk0yZVMyMmxTWk8yV1RRL242bGdZNUNQWlBsOFZNSlhsZHllQjRyMXR1N0ZlZDhwbmRWK0NtUy9ZWmlFdjZsanRPVTBVbGhSRHN3azFvRFk3c3oxYnJ6WFRrbnJnZ3Q1NlllU2tnSU95aHFFbnE5UUErNEFhYUFEcFk4WWxUVHB1bXAxeHBQdjFuZ09PdmNnWnhxZ1lNaFloM3p1NWVNOVlNTmkyTHRKcCtVQWZqVVJ5R3NhekRjQjBlMXdrR0xOL0t1bkNLa2VNbmxoR2ZiWi9RcDNYb293T1hoM040TjNaSVVqck5uR2UvS2ZuSTg3QzRuTllBajhWdmFtM0t6Wmo0aEp1eHh5bDFRU0F4QlNuZz09fA&cppv=2
Request Chain 656
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHRjgwN0VydndBQURZendGSEo2QQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGF807ErvwAADYzwFHJ6A&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAGF807ErvwAADYzwFHJ6A&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGF807ErvwAADYzwFHJ6A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Request Chain 658
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 661
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0a9d84ad0678b7d0/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D39puKE4JagRQSWgQaUTShTQa HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D39puKE4JagRQSWgQaUTShTQa HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JagRQSWgQaUTShTQa
Request Chain 662
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1649901089860 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 663
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=468d1dc8-8053-416c-81ba-ff2b168f0973-tuct95103a1&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 664
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1348774060 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34
Request Chain 665
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34&gdpr=0&gdpr_consent=&ct=y
Request Chain 666
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7704152931637928568
Request Chain 678
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:N1yNz4lE1NEODS5&gdpr=0&gdpr_consent=
Request Chain 679
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://match.bnmla.com/usersync?dspid=6&uuid=A3BDC2EA93AF4364963906C238B29D73
Request Chain 680
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A3BDC2EA93AF4364963906C238B29D73
Request Chain 720
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=6545ada4-83a7-45ef-a10e-39cd1c0dcc16
Request Chain 723
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7896357961865025998
Request Chain 724
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=pQHog5hZRXJyywhxFGiggdlAl0Q
Request Chain 746
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000001%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID HTTP 302
  • https://sync.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=7704152931637928568
Request Chain 749
  • https://ssum.casalemedia.com/usermatchredir?s=184932&gdpr=1&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=184932&us_privacy=&C=1 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000005&gdpr=1&gdpr_consent=&us_privacy=&uuid=Yld.JZIV6dZRMR1hZNwGRQAA%261106
Request Chain 750
  • https://pixel.advertising.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true&verify=true
Request Chain 752
  • https://bh.contextweb.com/rtset?gdpr=1&gdpr_consent=&us_privacy=&pid=561910&ev=1&rurl=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000011%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000011&gdpr=1&gdpr_consent=&us_privacy=&uuid=8Kyz2GlMKjA1&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=1
Request Chain 753
  • https://sync.1rx.io/usersync2/rmphb?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT
Request Chain 755
  • https://sync.search.spotxchange.com/partner?gdpr=1&gdpr_consent=&us_privacy=&adv_id=8593&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000014%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.springserve.com/usersync?aid=1000014&gdpr=1&gdpr_consent=&us_privacy=&uuid=64f7e13e-bb95-11ec-9ac0-1189f5600506
Request Chain 756
  • https://pbs.publishers.tremorhub.com/pubsync?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Btvid%5D HTTP 302
  • https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Btvid%5D
Request Chain 757
  • https://eb2.3lift.com/getuid?gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000016%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000016%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID HTTP 302
  • https://sync.springserve.com/usersync?aid=1000016&gdpr=1&gdpr_consent=&us_privacy=&uuid=1481605999243655540028
Request Chain 763
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=7704152931637928568
Request Chain 765
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%283Wrph3i1u-ZjEvvjzZwKTrifJGNFrClfGDk4GGHCKTwW8kcjAaqSAfhsMPRASLir%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%283Wrph3i1u-ZjEvvjzZwKTrifJGNFrClfGDk4GGHCKTwW8kcjAaqSAfhsMPRASLir%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_4c91ee17-416b-4afe-83e4-92245583aca5&obuid=ENC(3Wrph3i1u-ZjEvvjzZwKTrifJGNFrClfGDk4GGHCKTwW8kcjAaqSAfhsMPRASLir) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3Duuid%3D%5BRX_UUID%5D%26obUid%3D3Wrph3i1u-ZjEvvjzZwKTrifJGNFrClfGDk4GGHCKTwW8kcjAaqSAfhsMPRASLir HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&zcc=1&cb=1649901094847 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=unruly&uid=OPTOUT&obUid=$D
Request Chain 768
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-FiF5Y75E2pfqBnICWz5g1hQOJqtHrrZnFG5.~A
Request Chain 769
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=69d635b5-bb95-11ec-b279-83219ceaa7a0
Request Chain 772
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_4c91ee17-416b-4afe-83e4-92245583aca5&gdpr=1&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Request Chain 773
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=f5fd84f1-fcdf-452c-9db4-460a6f60a0bf
Request Chain 774
  • https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&cb=1649901093931 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Request Chain 775
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=aMW0rjWsfaht&ev=1&pid=558355
Request Chain 778
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=18576257-7e1d-4600-b186-4b87cea796dd&gdpr=1&gdpr_consent=
Request Chain 783
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 785
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=Yld.JsCo8X0AAOJfg40AAAAA
Request Chain 786
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=8opCbLz1Th8XQmx5u6rL&pi=gumgum&tc=1
Request Chain 813
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000001%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID HTTP 302
  • https://sync.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=7704152931637928568
Request Chain 814
  • https://ssum.casalemedia.com/usermatchredir?s=184932&gdpr=1&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D HTTP 302
  • https://sync.springserve.com/usersync?aid=1000005&gdpr=1&gdpr_consent=&us_privacy=&uuid=Yld.JZIV6dZRMR1hZNwGRQAA%261106
Request Chain 816
  • https://bh.contextweb.com/rtset?gdpr=1&gdpr_consent=&us_privacy=&pid=561910&ev=1&rurl=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000011%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000011&gdpr=1&gdpr_consent=&us_privacy=&uuid=UjB2HmLT2HBI&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=1
Request Chain 817
  • https://sync.1rx.io/usersync2/rmphb?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT
Request Chain 819
  • https://sync.search.spotxchange.com/partner?gdpr=1&gdpr_consent=&us_privacy=&adv_id=8593&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000014%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.springserve.com/usersync?aid=1000014&gdpr=1&gdpr_consent=&us_privacy=&uuid=64f7e13e-bb95-11ec-9ac0-1189f5600506
Request Chain 821
  • https://eb2.3lift.com/getuid?gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000016%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID HTTP 302
  • https://sync.springserve.com/usersync?aid=1000016&gdpr=1&gdpr_consent=&us_privacy=&uuid=1481605999243655540028
Request Chain 837
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_4c91ee17-416b-4afe-83e4-92245583aca5&gdpr=1&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Request Chain 838
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=f5fd84f1-fcdf-452c-9db4-460a6f60a0bf
Request Chain 845
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 848
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_VL5fRfxRFe4MYSMiqJqgA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_VL5fRfxRFe4MYSMiqJqgA
Request Chain 850
  • https://pixel.rubiconproject.com/token?pid=27384 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=rubicon&partner_uid=L1YCI8FD-1G-5SWN
Request Chain 851
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=A3BDC2EA93AF4364963906C238B29D73&expires=365
Request Chain 852
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=69d635b5-bb95-11ec-b279-83219ceaa7a0&expires=30
Request Chain 853
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=18576257-7e1d-4600-b186-4b87cea796dd&expires=28
Request Chain 854
  • https://i.w55c.net/ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=N1yNz4lE1NEODS5&expires=30
Request Chain 855
  • https://ad.turn.com/r/cs?pid=6 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7896357961865025998&expires=60&gdpr=0&gdpr_consent=
Request Chain 908
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Yld_IAABzu1TdQAZ
Request Chain 909
  • https://c1.adform.net/serving/cookie/match?party=1164 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=5532520119658720114
Request Chain 913
  • https://gu.dyntrk.com/adx/rbcn/us.php?dynk=r1b32c0n HTTP 302
  • https://gu.dyntrk.com/adx/rbcn/us.php?dynk=r1b32c0n&prevuid=&knw= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=&expires=365&gdpr=1&gdpr_consent=
Request Chain 915
  • https://token.rubiconproject.com/token?pid=10362 HTTP 302
  • https://uipglob.semasio.net/magnite/1/info?sType=sync&sExtCookieId=L1YCI8FD-1G-5SWN&sInitiator=external

908 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
revistaquem.globo.com/
Redirect Chain
  • http://revistaquem.globo.com/
  • https://revistaquem.globo.com/
101 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.156 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-156.prt.globo.com
Software
/ Express
Resource Hash
854c390f3e37ee3c720eb70f2ad4a4fdb3b18d49b005fd348dd6983297c5ca24

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=300, stale-while-revalidate=120, stale-if-error=31536000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 14 Apr 2022 01:51:21 GMT
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, X-Nw-St
via
2.0 CachOS
x-bip
284551489 asra03mp05lx03ca10.globoi.com
x-powered-by
Express
x-request-id
84211e2e-a27f-4697-a260-2a51c355e965
x-thanos
0AB1D11D

Redirect headers

Age
0
Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Thu, 14 Apr 2022 01:51:20 GMT
Location
https://revistaquem.globo.com/
Vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, X-Nw-St
Via
2.0 CachOS
X-Bip
328667907 ra03 11 15
barra-globocom.min.css
barra.globo.com/gl/ba/oidcprodutos/css/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://barra.globo.com/gl/ba/oidcprodutos/css/barra-globocom.min.css
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
d1de187546e564a61ba6a5a86a44a6212ebac1e93e0e5e6980e1d300bdeba36a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
567766592 ra03 11 04
age
550366
content-length
5096
x-xss-protection
1; mode=block
x-request-id
7ca5c94c-1ea0-4c58-8431-02ee119456af
last-modified
Thu, 03 Mar 2022 15:23:31 GMT
x-thanos
0AB1D00B
etag
W/"6220dd73-588f"
vary
Accept-Encoding, Origin
content-type
text/css
via
2.0 CachOS
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 14 Apr 2022 16:58:36 GMT
quem-shell_78e521014c.css
s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/ 		49 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-shell_78e521014c.css
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
2c5bee7537d03c148c05df01857dcf5bc7072aba13d120d5d00a2b64ee81cfa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:22 GMT
content-encoding
gzip
x-openstack-request-id
txe7779e7d3a8b49b5951c1-00618bedf7
last-modified
Wed, 10 Nov 2021 15:57:25 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
text/css
x-timestamp
1636559844.59509
cache-control
max-age=31536001, stale-while-revalidate=2, stale-if-error=31535999
x-trans-id
txe7779e7d3a8b49b5951c1-00618bedf7
x-request-id
3ab2abca-95e0-42ec-8814-b1a74572a10a
quem-responsive-shell_508e092b9f.css
s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-responsive-shell_508e092b9f.css
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
1967148e397e18e01b981c1b8203a8eba24e143bfbf5410919ceab4340cf570f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:22 GMT
content-encoding
gzip
x-openstack-request-id
txd5e06dec03f641fbba7e8-0061b9e4d9
last-modified
Wed, 15 Dec 2021 12:44:41 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
text/css
x-timestamp
1639572280.59855
cache-control
max-age=31536001, stale-while-revalidate=2, stale-if-error=31535999
x-trans-id
txd5e06dec03f641fbba7e8-0061b9e4d9
x-request-id
0c87aa08-b686-4daa-b6a8-0e4b4e10b9fd
quem-home_c50afc12d2.css
s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-home_c50afc12d2.css
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
720b24863001ba0ad2ee0e6d021f25e1f45c2d729cfa213fb25ea0bd9e51332c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:22 GMT
content-encoding
gzip
x-openstack-request-id
tx951c4e94717043c4814d0-00618e86f2
last-modified
Fri, 12 Nov 2021 15:13:12 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
text/css
x-timestamp
1636729991.87961
cache-control
max-age=31536001, stale-while-revalidate=2, stale-if-error=31535999
x-trans-id
tx951c4e94717043c4814d0-00618e86f2
x-request-id
bacb7222-d236-4b73-8cbf-043e5e4ee960
tools.js
static.infoglobo.com.br/paywall/utils/ 		949 B
948 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/utils/tools.js
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
e224ba99630b724e44b225c6a6965d361578c20787a8d742a89c441e7a178844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:42:37 GMT
Content-Encoding
gzip
Age
524
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
489
Last-Modified
Mon, 11 Apr 2022 21:31:27 GMT
Server
Apache
ETag
"a060ef45-3b5-5dc67aab0a9c0"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
X-Cache-Hits
1295
utag.js
tags.tiqcdn.com/utag/globo/editora/prod/ 		212 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
12959d1509cf8a425771cc53fbf69caa83836cb74fc842dfb7a5249bfde1e9db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:21 GMT
content-encoding
gzip
last-modified
Tue, 05 Apr 2022 20:58:25 GMT
server
AkamaiNetStorage
etag
"212bf6c8aa9a3efa262a7903824f8f42:1649192305.429603"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
40418
expires
Thu, 14 Apr 2022 01:56:21 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
d74a55b377ca53a908794827239b1cb3e64faf76d291b95d08513e7ca6fcac99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28338
x-xss-protection
0
server
sffe
etag
"1186 / 937 of 1000 / last-modified: 1649887574"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Apr 2022 01:51:23 GMT
lgpd-lib.min.css
s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/lgpd-lib.min.css
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
2e53bbdf41db08d5017462fe9963a8ee505c7a8ff83756c5217635019a076465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:22 GMT
content-encoding
gzip
x-openstack-request-id
tx67ec1e0ab6a347d8992fe-006256cd5f
last-modified
Wed, 24 Feb 2021 17:18:00 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
text/css; charset=utf-8
x-timestamp
1614187079.15655
cache-control
public, max-age=86400
x-trans-id
tx67ec1e0ab6a347d8992fe-006256cd5f
x-request-id
86d086d9-c4eb-4e5f-9fa6-6a969f20497f
lgpd-lib.min.js
s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/ 		46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_89c6d9f49eec4e768bc6ccddcb31a34b/lgpd-lib/lgpd-lib.min.js
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
655e8547a0f057f68c1a3bbe78d65bcdaee6bc402814d11e3b6fc1da6e0d9dfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:22 GMT
content-encoding
gzip
x-openstack-request-id
txe9d76814b55a4aaea9eec-006256cd5f
last-modified
Wed, 24 Feb 2021 17:18:00 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=utf-8
x-timestamp
1614187079.14110
cache-control
public, max-age=86400
x-trans-id
txe9d76814b55a4aaea9eec-006256cd5f
x-request-id
b997c387-b340-4825-950c-4421b89bc74c
tiny.js
static.infoglobo.com.br/paywall/js/ 		212 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/tiny.js
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
d201b5b5fb19d4bf1daf1480da2cf181b71ed8a175fdc1720bf891ef50e18ee1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:42:05 GMT
Content-Encoding
gzip
Age
557
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
44391
Last-Modified
Mon, 11 Apr 2022 21:33:19 GMT
Server
Apache
ETag
"a04822c9-3507f-5dc67b15da5c0"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
X-Cache-Hits
2895
loader.js
cdn.taboola.com/libtrc/editoraglobonetwork/ 		666 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ab17dec66e5e6ac09edbdbb8940684e95facd8bc19792aa8101a7d7a02d4277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
WnwuwfmTdci_duJM9xM_9LZp0EUcMhst
content-encoding
gzip
etag
"606872b1e6bf378c3158fa1ffb7f8d8c"
age
43
x-cache
HIT
content-length
46862
x-amz-id-2
580sflKf3umpcIcSPgcZCeGZy8VbgBszCfBVORRevL3BMyse9BMpbAz7EW+nXzBa0Z0w765zvSc=
x-served-by
cache-hhn4039-HHN
last-modified
Wed, 13 Apr 2022 09:19:03 GMT
server
AmazonS3
x-timer
S1649901083.124242,VS0,VE1
date
Thu, 14 Apr 2022 01:51:23 GMT
vary
Accept-Encoding
x-amz-request-id
H6R8S0RZ6KK0KZ3Y
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
48
x-cache-hits
1
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:22 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
etag
W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6fb8cbc28cfc83a0-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 17 Apr 2022 01:51:22 GMT
revistaquem.bundle-min_9bb07e6049.js
s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/script/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/script/revistaquem.bundle-min_9bb07e6049.js
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
c56d3d6e1674afe4a6b4144ef949ab8e5efa2ee11eb51eefd2ef5318363c3030

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:22 GMT
content-encoding
gzip
x-openstack-request-id
tx4868b4869c9746c485387-006246f9eb
last-modified
Wed, 09 Mar 2022 17:40:09 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
application/javascript
x-timestamp
1646847608.91872
cache-control
max-age=31536001, stale-while-revalidate=2, stale-if-error=31535999
x-trans-id
tx4868b4869c9746c485387-006246f9eb
x-request-id
de906fc1-99f2-4c94-9a8b-bdabb06327d2
sw-script_63490e2d5d.js
s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/script/ 		316 B
709 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/script/sw-script_63490e2d5d.js
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
6f5e0cfc72b7fdeea2a57455b7ce03b1ae06a970f9cf44983304384c92632119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
x-openstack-request-id
tx9b5a2608733b417fa9adc-006246f9e9
last-modified
Wed, 09 Mar 2022 17:40:02 GMT
x-trans-id
tx9b5a2608733b417fa9adc-006246f9e9
x-thanos
0AB24042
etag
63490e2d5d027f0b9995354823106b9b
vary
Accept-Encoding, Origin
content-type
application/javascript
x-timestamp
1646847601.98165
cache-control
max-age=31536001, stale-while-revalidate=2, stale-if-error=31535999
accept-ranges
bytes
content-length
316
x-request-id
11dc23db-5e5c-4eac-ad1e-0c940865ad2e
bundle-min_230f8625e3.js
s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/script/ 		153 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/script/bundle-min_230f8625e3.js
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
4b177a95cee28be021d7e92f57c9f460d34ef8613f5d0871eb40923c3449568e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-openstack-request-id
txbbee334aace5429f9a52c-0061c39d6c
last-modified
Wed, 22 Dec 2021 21:39:40 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
application/javascript
x-timestamp
1640209179.31334
cache-control
max-age=31536001, stale-while-revalidate=2, stale-if-error=31535999
x-trans-id
txbbee334aace5429f9a52c-0061c39d6c
x-request-id
77a557a7-d181-4d0f-8965-2dd4f1b2c92c
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
HaiesPTtHqCWTfqoqJ9JJROfndbLH2Y5uE9l6j9GIW0r1cRQSXH30ZI1fdXK4GSwtVax69xGaDm1SrYaubfzLw==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Thu, 14 Apr 2022 01:51:23 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
advertising.js
www.npttech.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.npttech.com/advertising.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/utils/tools.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:bf95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
976
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
B0NVRVPXYP5PAK8P
x-amz-id-2
c8KPV5HIQMv5Yko4bl1ZUFMe7C94dA0KgtVlblhHzO9cDwlqsrm6txK5tIgaNE6FKM0QicEyFoc=
last-modified
Wed, 19 Jun 2019 08:25:01 GMT
server
cloudflare
etag
W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MmPy9pqp14OV%2BI65JqvaapPlj0rqvqrO8khqDUQxzmYoo4G0%2F7jrDZkB7ZS5fNQzvQXy3a6Ll4A06El0M0E7SIrA8e%2FgwVpDJdtJQdUDcPsPgmPR6iz8YgEiHv50zGzmtvZHioY8ooa1jmqyLK4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
x-amz-version-id
hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cf-ray
6fb8cbc9a93ff91f-MXP
profiling.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/ 		93 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/profiling.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
192d2eb7078526e7974933da14512e5f5d64902e654d1e4ee5b421abbf169a3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-openstack-request-id
txa576c749af464dfe83aff-0062577dd1
last-modified
Wed, 12 May 2021 17:50:53 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1620841852.71626
cache-control
public, max-age=180
x-trans-id
txa576c749af464dfe83aff-0062577dd1
x-request-id
4b300366-5842-4b23-9638-bb648a1d6b55
tm13574.js
tag.navdmp.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm13574.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1acaf1b84c7c6a5a7ae96e4b9cce92c540c0c8ebbb0e56f8ff473917e2e9a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Sep 2021 18:45:04 GMT
server
cloudflare
age
779
etag
W/"6137b330-4291"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
6fb8cbc99a3659dd-MXP
content-type
application/javascript
expires
Thu, 14 Apr 2022 02:38:24 GMT
sexqhznbn.js
cdn.krxd.net/controltag/ 		75 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/sexqhznbn.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f0dd0b8ab5c30cabf8f8e21661aa92f32ece402684639a8b602ae838a983e471

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Thu, 14 Apr 2022 01:51:23 GMT
via
1.1 varnish, 1.1 varnish
age
644
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
20907
x-served-by
config-service-a003-ash-prod.krxd.net, cache-iad-kjyo7100095-IAD, cache-hhn4020-HHN
x-response-time
1
x-do-esi
esi
x-timer
S1649901083.128392,VS0,VE0
etag
"0df39343c53b5029091db9735e972c74b18dfa73"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 9
horizon-common-hit.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
fb4c391be2dd9e927d16789bebea68314f10f75383bc4a7b920e8addfdf3e44c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-openstack-request-id
txa721dec7d9364a9fbd2ca-0062575c52
last-modified
Wed, 22 Dec 2021 23:24:10 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1640215449.32111
cache-control
max-age=86400
x-trans-id
txa721dec7d9364a9fbd2ca-0062575c52
x-request-id
d7527788-922f-41cf-8604-1b04ba7b2863
glb-pv-min.js
s.glbimg.com/bu/rt/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/bu/rt/js/glb-pv-min.js?utv=ut4.44.201810192103
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
420452481 ra09 20 10
age
2587
content-length
969
x-xss-protection
1; mode=block
x-request-id
33b57859-d201-481a-9644-74bac74c0904
last-modified
Mon, 04 Feb 2019 16:44:48 GMT
x-thanos
0AB4D01E
etag
W/"5c586c00-703"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
via
2.0 CachOS
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 14 Apr 2022 02:08:15 GMT
gtm.js
www.googletagmanager.com/ 		181 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NFL7JHW
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7b7328681d1b9f1fe9018c7e4bf76829398277147824696fed61181decdc4049
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63496
x-xss-protection
0
last-modified
Thu, 14 Apr 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 14 Apr 2022 01:51:23 GMT
newsroom.js
c2.taboola.com/nr/editoraglobo-revistaquem/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c2.taboola.com/nr/editoraglobo-revistaquem/newsroom.js
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47a407adbb2335b3f340b3de75e50542d1c1adae96a54b98423c4bf1927dae9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"2c82bf9e5f6e73dfe4bdb566a6dbe506"
age
13
x-cache
HIT
content-length
16276
x-amz-id-2
KvVm+RPY7UK6uqFO/Yo8LUQeCZqtIrEvfYooBq9v/lTsCu8s3giaDdmd65NQ+kS6xRFptBg7GBw=
x-served-by
cache-hhn4070-HHN
last-modified
Fri, 04 Sep 2020 23:39:50 GMT
server
AmazonS3
x-timer
S1649901083.128960,VS0,VE1
date
Thu, 14 Apr 2022 01:51:23 GMT
vary
Accept-Encoding
x-amz-request-id
6CRKK3HVQMN1PT3V
via
1.1 varnish
cache-control
max-age=14400
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
barra-globocom.min.js
barra.globo.com/gl/ba/oidcprodutos/js/ 		46 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://barra.globo.com/gl/ba/oidcprodutos/js/barra-globocom.min.js
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
82cd1b61b349324e102d58679583114bd5b2620347f422ad05851b825a926748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
567240057 ra03 11 04
age
550369
content-length
16645
x-xss-protection
1; mode=block
x-request-id
87c266c2-6b8c-434e-8172-b7c8e8be8834
last-modified
Thu, 03 Mar 2022 15:23:29 GMT
x-thanos
0AB1D00B
etag
W/"6220dd71-b991"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
via
2.0 CachOS
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 14 Apr 2022 16:58:33 GMT
ico-search_593c61ae11.svg
s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/media/ 		595 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/media/ico-search_593c61ae11.svg
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-responsive-shell_508e092b9f.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
9173a4efb861aef9c0ca93e52076e2509f8b562f8da539160a7bcfece3a4fc02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-responsive-shell_508e092b9f.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-openstack-request-id
tx08857c19ea58406389617-006246f9f1
last-modified
Wed, 09 Mar 2022 17:39:55 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
image/svg+xml
x-timestamp
1646847594.39309
cache-control
max-age=31536001, stale-while-revalidate=2, stale-if-error=31535999
x-trans-id
tx08857c19ea58406389617-006246f9f1
x-request-id
ba0fbe38-632d-4bd1-b776-138accfbb888
truncated
/ 		438 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cbce24d2a3704cee73eabb21b357f45d9a5fc2a18a541bc6aa0ee8e3049dd6ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
logo-quem_e9523f94d6.svg
s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/media/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/media/logo-quem_e9523f94d6.svg
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-shell_78e521014c.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
8fc1bf0012884a2ecdf3e7deccecc3bec80cc9cba7a1a6fe394c9956d15d883f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-shell_78e521014c.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-openstack-request-id
tx2f5fad5fc0c74bdcb2755-006246f9ea
last-modified
Wed, 09 Mar 2022 17:40:10 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
image/svg+xml
x-timestamp
1646847609.47598
cache-control
max-age=31536001, stale-while-revalidate=2, stale-if-error=31535999
x-trans-id
tx2f5fad5fc0c74bdcb2755-006246f9ea
x-request-id
0c299c0b-daea-4801-9198-9389cd57dd65
ico-time_0910470031.svg
s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/media/ 		808 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/media/ico-time_0910470031.svg
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-home_c50afc12d2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
d79ab4039ad7289a8030eca1e4f31f4e0ecd9b5b798109c2b3e1aafeb48a6e30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-home_c50afc12d2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-openstack-request-id
txe332515bfb8f48c1be6c4-006246fa33
last-modified
Wed, 09 Mar 2022 17:39:48 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
image/svg+xml
x-timestamp
1646847587.88767
cache-control
max-age=31536001, stale-while-revalidate=2, stale-if-error=31535999
x-trans-id
txe332515bfb8f48c1be6c4-006246fa33
x-request-id
ea6bdfb5-07c3-44d2-a2c7-41cec079a6ac
bianca-rinaldi-foto-ricardopenna.jpg
s2.glbimg.com/RlHJkHvEsjGtQxHL5iJKFQQuKSw=/300x250/smart/e.glbimg.com/og/ed/f/original/2022/04/08/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/RlHJkHvEsjGtQxHL5iJKFQQuKSw=/300x250/smart/e.glbimg.com/og/ed/f/original/2022/04/08/bianca-rinaldi-foto-ricardopenna.jpg
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
cf78eb6b8deefa917667cf76c2583d2a1b8e9a45b14ffa2519f6a42a0fc33de9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
via
2.0 CachOS
x-bip
173509854 ra11 03 08
age
46709
etag
"1d233337e5ec64c8412a4e5f2c4bd20b698d90a4"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB5D032
access-control-allow-headers
Content-Type
content-length
24646
x-request-id
159c30e7-8b4a-4d87-9ac6-323bfcea4592
expires
Fri, 13 May 2022 12:46:03 GMT
index.html
revistaquem.globo.com/amp-stories/7-escandalos-amorosos-de-hollywood/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://revistaquem.globo.com/amp-stories/7-escandalos-amorosos-de-hollywood/index.html
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.156 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-156.prt.globo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-openstack-request-id
tx8c97acd3504e41a088691-0062577d69
x-bip
753270880 asra03mp05lx03ca10.globoi.com
age
177
charset
utf-8
supportspointer
true
content-length
4573
x-request-id
74126187-13dd-40d8-8611-e34266f8d67f
x-timestamp
1611699934.87321
x-thanos
0A81E0C3, 0AB1D11D
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, X-Nw-St
content-type
text/html; charset=utf-8
via
2.0 CachOS
x-trans-id
tx8c97acd3504e41a088691-0062577d69
cache-control
max-age=600, public
accept-ranges
bytes
expires
Thu, 14 Apr 2022 01:58:25 GMT
index.html
revistaquem.globo.com/amp-stories/por-onde-andam-as-criancas-que-fizeram-historia-na-tv/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://revistaquem.globo.com/amp-stories/por-onde-andam-as-criancas-que-fizeram-historia-na-tv/index.html
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.156 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-156.prt.globo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-openstack-request-id
txd66eec9e96134547a3df3-0062577d69
x-bip
615847457 asra03mp05lx03ca10.globoi.com
age
177
charset
utf-8
supportspointer
true
content-length
4163
x-request-id
816a6747-c08b-45f1-a764-f1db73634230
x-timestamp
1609253976.62340
x-thanos
0A8220C3, 0AB1D11D
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, X-Nw-St
content-type
text/html; charset=utf-8
via
2.0 CachOS
x-trans-id
txd66eec9e96134547a3df3-0062577d69
cache-control
max-age=600, public
accept-ranges
bytes
expires
Thu, 14 Apr 2022 01:58:25 GMT
index.html
revistaquem.globo.com/amp-stories/8-remakes-de-filmes-classicos/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://revistaquem.globo.com/amp-stories/8-remakes-de-filmes-classicos/index.html
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.156 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-156.prt.globo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-openstack-request-id
tx002c57b38bad4fc0b383e-0062577c6c
x-bip
657097725 asra03mp05lx03ca10.globoi.com
age
177
charset
utf-8
supportspointer
true
content-length
4627
x-request-id
8310dd3d-9187-4f19-a42d-d72b50095c9e
x-timestamp
1608518627.71159
x-thanos
0A81E0C3, 0AB1D11D
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, X-Nw-St
content-type
text/html; charset=utf-8
via
2.0 CachOS
x-trans-id
tx002c57b38bad4fc0b383e-0062577c6c
cache-control
max-age=600, public
accept-ranges
bytes
expires
Thu, 14 Apr 2022 01:58:25 GMT
index.html
revistaquem.globo.com/amp-stories/conheca-aneis-de-noivado-milionarios/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://revistaquem.globo.com/amp-stories/conheca-aneis-de-noivado-milionarios/index.html
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.156 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-156.prt.globo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-openstack-request-id
txdc9878d700144143bd54a-0062577b9a
x-bip
439910833 asra03mp05lx03ca10.globoi.com
age
408
charset
utf-8
supportspointer
true
content-length
4635
x-request-id
146bbf34-244f-4c68-8d89-885e945841b8
x-timestamp
1609255504.71416
x-thanos
0A8220C3, 0AB1D11D
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, X-Nw-St
content-type
text/html; charset=utf-8
via
2.0 CachOS
x-trans-id
txdc9878d700144143bd54a-0062577b9a
cache-control
max-age=600, public
accept-ranges
bytes
expires
Thu, 14 Apr 2022 01:54:34 GMT
index.html
revistaquem.globo.com/amp-stories/8-castelos-e-locais-da-realeza-que-voce-pode-visitar/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://revistaquem.globo.com/amp-stories/8-castelos-e-locais-da-realeza-que-voce-pode-visitar/index.html
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.156 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-156.prt.globo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-openstack-request-id
tx7f151ed5e907407f87334-0062577d69
x-bip
12935172 asra03mp05lx03ca10.globoi.com
age
177
charset
utf-8
supportspointer
true
content-length
4936
x-request-id
97776010-fae7-4088-9643-f6b6e7be5bdd
x-timestamp
1609206532.20240
x-thanos
0A81E0C3, 0AB1D11D
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, X-Nw-St
content-type
text/html; charset=utf-8
via
2.0 CachOS
x-trans-id
tx7f151ed5e907407f87334-0062577d69
cache-control
max-age=600, public
accept-ranges
bytes
expires
Thu, 14 Apr 2022 01:58:25 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:22 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1033
etag
W/"0e269028feac530d16f00d8dad8ece74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6fb8cbc87b0583a0-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 17 Apr 2022 01:51:22 GMT
truncated
/ 		137 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05e55a8e47d16674a1f017ae9916e2f9950db37a222d8f9a536867f4019b87e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
webstories-arrow_eb1a60c224.svg
s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/media/ 		1000 B
898 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/media/webstories-arrow_eb1a60c224.svg
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-home_c50afc12d2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
3a002509f2f507a7d5780894697e6853bd55ef88d1019c3a02f68186141d62c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-home_c50afc12d2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-openstack-request-id
tx670d68b0022c475eb2208-006246fb00
last-modified
Wed, 09 Mar 2022 17:40:11 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
image/svg+xml
x-timestamp
1646847610.65116
cache-control
max-age=31536001, stale-while-revalidate=2, stale-if-error=31535999
x-trans-id
tx670d68b0022c475eb2208-006246fb00
x-request-id
cfda26bf-ccf6-427a-90d3-a20a2c2860eb
ico-social-facebook2-quem_ba0015168c.svg
s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/media/ 		578 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/media/ico-social-facebook2-quem_ba0015168c.svg
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-shell_78e521014c.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e45e59828c677e3e4c38548aaf88bf502fd803c702e60563b91862a1fcc94d43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-shell_78e521014c.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-openstack-request-id
tx22f74439d16243078be76-006246f9f3
last-modified
Wed, 09 Mar 2022 17:40:10 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
image/svg+xml
x-timestamp
1646847609.62666
cache-control
max-age=31536001, stale-while-revalidate=2, stale-if-error=31535999
x-trans-id
tx22f74439d16243078be76-006246f9f3
x-request-id
9062fc85-9e9d-4b24-a817-8a61de92585f
ico-social-twitter2-quem_4901f10784.svg
s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/media/ 		1 KB
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/media/ico-social-twitter2-quem_4901f10784.svg
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-shell_78e521014c.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
614bf89061b5e5734019992b5aeb278be2322bfbfd138240087589e56a8f5368

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-shell_78e521014c.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-openstack-request-id
tx311b2521a1e04dcdbe13b-006246f9f3
last-modified
Wed, 09 Mar 2022 17:40:10 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
image/svg+xml
x-timestamp
1646847609.81181
cache-control
max-age=31536001, stale-while-revalidate=2, stale-if-error=31535999
x-trans-id
tx311b2521a1e04dcdbe13b-006246f9f3
x-request-id
534af615-69d0-4953-8e2c-5924979d56c8
ico-social-instagram-quem_72caeca0e2.svg
s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/media/ 		1 KB
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/media/ico-social-instagram-quem_72caeca0e2.svg
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-shell_78e521014c.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e48a3f69eb2ce81790894baf38d3592dda37c117c993b52e661edcca11259f9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-shell_78e521014c.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-openstack-request-id
tx5080372c8284493796884-006246f9ed
last-modified
Wed, 09 Mar 2022 17:40:10 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
image/svg+xml
x-timestamp
1646847609.89477
cache-control
max-age=31536001, stale-while-revalidate=2, stale-if-error=31535999
x-trans-id
tx5080372c8284493796884-006246f9ed
x-request-id
1b483e6f-9aeb-45fa-82bb-51ca62d03e1b
ico-social-pinterest2-quem_70b7c994d7.svg
s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/media/ 		1 KB
959 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/media/ico-social-pinterest2-quem_70b7c994d7.svg
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-shell_78e521014c.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e876877893000b5c8c9eeb02c30aa3bf1de88c1d2724da7dd17d80e1bd32e6c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-shell_78e521014c.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-openstack-request-id
txfeb163e30ae5452ea0230-006246f9f3
last-modified
Wed, 09 Mar 2022 17:40:10 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
image/svg+xml
x-timestamp
1646847609.97729
cache-control
max-age=31536001, stale-while-revalidate=2, stale-if-error=31535999
x-trans-id
txfeb163e30ae5452ea0230-006246f9f3
x-request-id
63694ee5-de9d-4246-b833-8bf3d560305a
logo-eg_f76de07ff1.svg
s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/media/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/media/logo-eg_f76de07ff1.svg
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-shell_78e521014c.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
1ac7e6b68a127fd1254f55a57095c0deefe0f8e971d8a7ce91ee1d9088f24cfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-shell_78e521014c.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-openstack-request-id
tx31d987ed310a4e7eaf280-006246f9e5
last-modified
Wed, 09 Mar 2022 17:39:55 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
image/svg+xml
x-timestamp
1646847594.32688
cache-control
max-age=31536001, stale-while-revalidate=2, stale-if-error=31535999
x-trans-id
tx31d987ed310a4e7eaf280-006246f9e5
x-request-id
70294394-15f3-448f-af23-5a347f9fe7db
globocom_f5f8709f96.svg
s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/media/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/media/globocom_f5f8709f96.svg
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-shell_78e521014c.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
05163eb5b956deaad5a617709f1608bfd2db0b937ae10b43a4419f6c9490af61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-shell_78e521014c.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-openstack-request-id
txba1f98ac968d4568bdc7a-006246f9f2
last-modified
Wed, 09 Mar 2022 17:39:55 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
image/svg+xml
x-timestamp
1646847594.18517
cache-control
max-age=31536001, stale-while-revalidate=2, stale-if-error=31535999
x-trans-id
txba1f98ac968d4568bdc7a-006246f9f2
x-request-id
15b07bcb-7a7d-4538-a4ae-1e51a993af01
barbara-paz-bob-wolfenson.jpg
s2.glbimg.com/CGlWVX_MJQOxnmVAjLCdOZJiGHI=/300x250/smart/e.glbimg.com/og/ed/f/original/2022/04/11/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/CGlWVX_MJQOxnmVAjLCdOZJiGHI=/300x250/smart/e.glbimg.com/og/ed/f/original/2022/04/11/barbara-paz-bob-wolfenson.jpg
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
981f5728d7beeb7af673d88d8e2d220bace90b334a1bc636cd9fb54f16937448

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
via
2.0 CachOS
x-bip
173542249 ra11 03 08
age
46709
etag
"57c34fd45b7818c9108db12f21113a4bab83f6e6"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB5D032
access-control-allow-headers
Content-Type
content-length
16952
x-request-id
c7f1a8ea-ee12-4522-8e88-201656b2065e
expires
Fri, 13 May 2022 12:46:58 GMT
whatsapp_image_2022-04-04_at_16.39.59.jpeg
s2.glbimg.com/kERVUVjvrZiKdIdKcRFUnB7jtXs=/300x250/smart/e.glbimg.com/og/ed/f/original/2022/04/04/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/kERVUVjvrZiKdIdKcRFUnB7jtXs=/300x250/smart/e.glbimg.com/og/ed/f/original/2022/04/04/whatsapp_image_2022-04-04_at_16.39.59.jpeg
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
46b484ef0ed60dcd8f5be8035cd9e753834e47f3d2c6ea7b8676d51d73d5bd55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
via
2.0 CachOS
x-bip
167901636 ra11 03 08
age
740782
etag
"28f748d5752a920811e1f2df273050b5d1dd41f5"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB5D032
access-control-allow-headers
Content-Type
content-length
12920
x-request-id
127a065f-ff40-4646-85da-15e4c18f3877
expires
Thu, 05 May 2022 11:55:07 GMT
banzeirosp_275761125_1960900834093147_3945467063029707947_n.jpg
s2.glbimg.com/v4Xt9d8vWDqFqVb0sPDNjhmuo7U=/300x250/smart/e.glbimg.com/og/ed/f/original/2022/03/30/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/v4Xt9d8vWDqFqVb0sPDNjhmuo7U=/300x250/smart/e.glbimg.com/og/ed/f/original/2022/03/30/banzeirosp_275761125_1960900834093147_3945467063029707947_n.jpg
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
e82651125583ff47831f367eb40354105881e968fa2acb63bfb3d214cc73b78a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
via
2.0 CachOS
x-bip
170354157 ra11 03 08
age
740782
etag
"494cc411e86d760a4a26ba7c6e998033fc80c15b"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB5D032
access-control-allow-headers
Content-Type
content-length
18238
x-request-id
3881ce4a-08d5-4d8b-b04b-43738ffe63f7
expires
Thu, 05 May 2022 11:56:03 GMT
1b0a0807.jpg
s2.glbimg.com/0cj2GxonG7WyWLLXVCv-kOo6AgU=/300x250/smart/e.glbimg.com/og/ed/f/original/2022/03/29/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/0cj2GxonG7WyWLLXVCv-kOo6AgU=/300x250/smart/e.glbimg.com/og/ed/f/original/2022/03/29/1b0a0807.jpg
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
11a97dcb69d07f253ab99472b69174f4c0b8d32d20ab4dcd41275b40298bb4db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
via
2.0 CachOS
x-bip
172271812 ra11 03 08
age
477239
etag
"90a70c820f0fde2168168311a68949f9592dee0c"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB5D032
access-control-allow-headers
Content-Type
content-length
15074
x-request-id
5b650e48-62bd-4393-97a7-09f777a6dbe6
expires
Sun, 08 May 2022 13:12:49 GMT
controltag.js.f5d7048d3841bccb4f5d92333c20b066
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c22fbbe4bf63288095e3c83d2858a1f4b65b1acdc77ac28785824b184953f0d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
age
780035
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
2313
content-length
84741
x-served-by
cache-hhn4020-HHN
last-modified
Fri, 01 Apr 2022 11:47:20 GMT
x-timer
S1649901083.153392,VS0,VE0
etag
"f5d7048d3841bccb4f5d92333c20b066"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Mon, 29 Mar 2032 11:47:19 GMT
tv4.min.js
s3.glbimg.com/cdn/libs/tv4/1.3.0/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/libs/tv4/1.3.0/tv4.min.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-openstack-request-id
txbc1b5e5e19504665b0730-006246f9e4
last-modified
Fri, 25 May 2018 14:11:50 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
application/javascript
x-timestamp
1527257509.32548
cache-control
public, max-age=31536000
x-trans-id
txbc1b5e5e19504665b0730-006246f9e4
x-request-id
ba7447da-3c23-4828-8c79-562ba08e8ef2
448175289087284
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/448175289087284?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f2eedb52ed8cda5a110ade58886f1f0c7bb59a5e591da0408959f6b49c55b7e7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89095
x-xss-protection
0
pragma
public
x-fb-debug
8rAHZlojjTWAzLo4l965yIrKzo1T3zf+3kSbBtrdbMp9wbj7tkV6Q+1RnoNPGpeVyYbnLokV6p5PEGYFitJyeg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 14 Apr 2022 01:51:23 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
load.js
widget.perfectmarket.com/editoraglobonetwork/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/editoraglobonetwork/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af38286fa634519ab80524b90b1e992febefc15923c89b1663bcd46dfee2c383

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
gUgj3C7AZJFMWF2Nwsx5cjlAkNxfoKpr
content-encoding
gzip
etag
"061b43bac53a5e78578ef76be22c651a"
age
164
x-cache
HIT, HIT
content-length
1576
x-amz-id-2
k9La8iFscv+e7Ehco3katkiIZygPL77C4KTepSlivnLwrJMiWYwJN1HCTRjSv0WPRic/xeNZaWo=
x-served-by
cache-lax10633-LGB, cache-hhn4078-HHN
last-modified
Tue, 28 Dec 2021 18:47:08 GMT
server
AmazonS3
x-timer
S1649901083.231787,VS0,VE1
date
Thu, 14 Apr 2022 01:51:23 GMT
vary
Accept-Encoding,,
x-amz-request-id
306DV6Z2Q5WWK6JP
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 1
impl.20220413-5-RELEASE.es5.js
cdn.taboola.com/libtrc/ 		699 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220413-5-RELEASE.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
9fc6c18a8e6ed3ba7cd3bb99cb3de3c5d9d480e211b582d450f071353c3208c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
B8qXi1_wGsENcFrf09QN8RMEDVU9Vz2v
content-encoding
br
etag
"eba9bc2b912cb190fdc522661bf5ccb3"
age
2778
x-cache
HIT
content-length
137165
x-amz-id-2
uz5t7gQ46Ye9GAtouMewMsbid1Gg4Z6LCEPPIiJeO29evsgqnSPSIeOcXhwc7jPEkWhxH+cuBvQ=
x-served-by
cache-hhn4039-HHN
last-modified
Wed, 13 Apr 2022 09:03:14 GMT
server
AmazonS3-br
x-timer
S1649901083.212227,VS0,VE0
date
Thu, 14 Apr 2022 01:51:23 GMT
vary
Accept-Encoding
x-amz-request-id
S400HB8HE66D2S99
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
62
x-cache-hits
353
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 03:13:53 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
83279
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
zTGK2B01Rh2FIZ6NDx9gDMEn-uBSy2Nr0KxLSH5qs3MVHejP9_uJRA==
get-action
nr-events.taboola.com/newsroom/1.0/editoraglobo-revistaquem/ 		132 B
293 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nr-events.taboola.com/newsroom/1.0/editoraglobo-revistaquem/get-action?page.url=https%3A%2F%2Frevistaquem.globo.com%2F&view.id=543910411116931719&page.template=home&page.dashboard=home
Requested by
Host: c2.taboola.com
URL: https://c2.taboola.com/nr/editoraglobo-revistaquem/newsroom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4e375d76b96016f2a080db6e2f968bc666a3255bd40577c04e908c80e6f9ef45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

tbl-x-upstream
10.45.181.209:8080
date
Thu, 14 Apr 2022 01:51:23 GMT
via
1.1 varnish
server
nginx
x-timer
S1649901083.232076,VS0,VE9
x-served-by
cache-hhn4039-HHN
x-cache
MISS
content-type
application/json;charset=UTF-8
accept-ranges
bytes
content-length
132
x-application-context
front-page-event-server:production
x-cache-hits
0
tm46169.js
tag.navdmp.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/tm46169.js
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a798741ab5d1da30eb26d38311b6249de94034ccc610268901ef633098ad3e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Sep 2021 18:45:04 GMT
server
cloudflare
age
3101
etag
W/"6137b330-2e58"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
6fb8cbca3ac659dd-MXP
content-type
application/javascript
expires
Thu, 14 Apr 2022 01:59:42 GMT
usr
usr.navdmp.com/ 		77 B
289 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=13574&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dd2945cf2b95270268ccef88ff25acf706ec8335e24e720741cd030c245509c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
public
date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6fb8cbca4acd59dd-MXP
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
content-type
application/javascript
expires
Thu, 14 Apr 2022 02:51:23 GMT
pubads_impl_2022040701.js
securepubads.g.doubleclick.net/gpt/ 		368 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
4eba10304f45a9ca7d6b3b882e564a5dd00d3900dc515fbe6137765ed0fb45a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 19:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23193
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127673
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 08:34:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 13 Apr 2023 19:24:50 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		1001 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=revistaquem.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
2c295aa4b7ba8950be488f4ecb7b979862d8401472edcab98e5483b978b1978b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Thu, 14 Apr 2022 01:51:23 GMT
notify-impression
nr-events.taboola.com/newsroom/1.0/editoraglobo-revistaquem/ 		0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nr-events.taboola.com/newsroom/1.0/editoraglobo-revistaquem/notify-impression?page.url=https%3A%2F%2Frevistaquem.globo.com%2F&view.id=543910411116931719&page.template=home&page.dashboard=home
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

tbl-x-upstream
10.44.68.88:8080
date
Thu, 14 Apr 2022 01:51:23 GMT
via
1.1 varnish
server
nginx
x-timer
S1649901083.260941,VS0,VE8
x-served-by
cache-hhn4039-HHN
x-cache
MISS
accept-ranges
bytes
x-application-context
front-page-event-server:production
x-cache-hits
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NFL7JHW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
993
date
Thu, 14 Apr 2022 01:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 14 Apr 2022 03:34:50 GMT
hotjar-849637.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-849637.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NFL7JHW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-83.fra56.r.cloudfront.net
Software
/
Resource Hash
610787c31b1001f0697b3be7e652121c9889ee55561a414e3a618aae2194133a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:10 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
13
etag
W/daacefcc393a86e66559e2a2e6699edd
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
nRzcD4Jek1E3z3dBK6y1tq3N6Yg55OiU_7MNUpehzeY6sS8ZuO54Cg==
via
1.1 6f32a39163a1e36ace7a71a85e2d2884.cloudfront.net (CloudFront)
ivc.js
gadasource.storage.googleapis.com/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gadasource.storage.googleapis.com/ivc.js
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:45:25 GMT
content-encoding
gzip
age
358
x-guploader-uploadid
ADPycduZCiiLmR8fT__N049r2DCMYpv-_sHBN0PZYhAbTr3nV9SNFJegmxMvZjWLTobDiI7c59pAsIkq7x5JoW_VFRKt8Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24321
last-modified
Mon, 02 Sep 2019 19:50:51 GMT
server
UploadServer
etag
"cdaa61cbc24c48191196b45b31a7e18b"
vary
Accept-Encoding
x-goog-hash
crc32c=okr5pw==, md5=zaphy8JMSBkRlrRbMafhiw==
x-goog-generation
1567453851562424
cache-control
public, max-age=3600
x-goog-stored-content-length
24321
accept-ranges
bytes
content-type
text/plain
expires
Thu, 14 Apr 2022 02:45:25 GMT
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame D488 		805 B
824 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1992442
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
525
content-type
text/html
date
Thu, 14 Apr 2022 01:51:23 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
expires
Fri, 19 Feb 2027 17:50:50 GMT
last-modified
Tue, 21 Feb 2017 17:50:54 GMT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
953
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
x-served-by
cache-hhn4020-HHN
x-timer
S1649901083.313091,VS0,VE0
/
www.facebook.com/tr/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=448175289087284&ev=PageView&dl=https%3A%2F%2Frevistaquem.globo.com%2F&rl=&if=false&ts=1649901084817&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1649901084815.1599294466&it=1649901084676&coo=false&rqm=GET
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 14 Apr 2022 01:51:23 GMT
pmk-202010011.6.js
widget.perfectmarket.com/editoraglobonetwork/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.perfectmarket.com/editoraglobonetwork/pmk-202010011.6.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/editoraglobonetwork/load.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b383f17092354aea8e8598be6d4d8acb0de6a35b1f69620e85da57045197522

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
Dj133TGBylNn2devt9Fgqn4nkuTE2sRn
content-encoding
gzip
etag
"a3a81c61409dd6a1e8ba2cb105c53a4a"
age
9183845
x-cache
HIT, HIT
content-length
27703
x-amz-id-2
/hXUUPkGjax214+W9IPhoIb91DcgIyAcPR21KEDT3QLsugmoD2/zq7JEYbnPwWtxpBVJqxkj3Oo=
x-served-by
cache-sna10749-LGB, cache-hhn4078-HHN
last-modified
Tue, 28 Dec 2021 18:47:08 GMT
server
AmazonS3
x-timer
S1649901083.364434,VS0,VE1
date
Thu, 14 Apr 2022 01:51:23 GMT
vary
Accept-Encoding,,
x-amz-request-id
3Q1J8VC8V668WEJV
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 1
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1649901084868&ns_c=UTF-8&cv=3.5&c8=QUEM%20-%20Fotos%2C%20not%C3%ADcias%2C%20comportamento%20e%20flagras%20dos%20famosos%20e%20celebrid...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1649901084868&ns_c=UTF-8&cv=3.5&c8=QUEM%20-%20Fotos%2C%20not%C3%ADcias%2C%20comportamento%20e%20flagras%20dos%20famosos%20e%20celebri...
0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1649901084868&ns_c=UTF-8&cv=3.5&c8=QUEM%20-%20Fotos%2C%20not%C3%ADcias%2C%20comportamento%20e%20flagras%20dos%20famosos%20e%20celebridades&c7=https%3A%2F%2Frevistaquem.globo.com%2F&c9=
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
pM0LpdeUMpOj1Qra-cDUQJrzzFeuuAhNlDi7vggkhJx29kw8DYoghg==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=7&c2=34354936&c3=1&ns__t=1649901084868&ns_c=UTF-8&cv=3.5&c8=QUEM%20-%20Fotos%2C%20not%C3%ADcias%2C%20comportamento%20e%20flagras%20dos%20famosos%20e%20celebridades&c7=https%3A%2F%2Frevistaquem.globo.com%2F&c9=
date
Thu, 14 Apr 2022 01:51:23 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
content-length
0
x-amz-cf-id
_aW3XBzIjkqTfcA61TCZyrEgWfi6MMR0MrKuTWZmig-3TQjQZ2QU4g==
x-cache
Miss from cloudfront
usr
usr.navdmp.com/ 		77 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=46169&upd=1&new=1&wst=0&wct=1&dsy=0
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm46169.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7698581c6ce7e5241d7bc2a4066a24abb52a938ccffa4befb7b366cc0560719a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
public
date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6fb8cbcb2b8e59dd-MXP
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
content-type
application/javascript
expires
Thu, 14 Apr 2022 02:51:23 GMT
5007d44e-09d1-49b7-8c99-6b1cc38c3cbc
consumer.krxd.net/consent/get/ 		235 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9f1508da4c7e232fecfa9d9ca9c8d6d4097d449c91b20d51903af021612c1214

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a001-dub-prod.krxd.net, cache-hhn4083-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1649901083.413641,VS0,VE27
content-length
192
x-cache-hits
0, 0
card-interference-detector.20220413-5-RELEASE.es5.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/card-interference-detector.20220413-5-RELEASE.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a516e648890554c0edfb530da37f1168aa5f524b2a6da49c1f194549f94d5a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
sQtbMoIsgSaN789QjVN2dkLzHbh.Ctbq
content-encoding
gzip
etag
"838bad879db2a740c1eb72583e133a8b"
age
20
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2789
x-amz-id-2
NSvm/O7pZq8ApO8oedmfZuZywfjXRR39ChB42/5ySXkf+1Cj2l/cjXmcNRoYQ/zYrAJRJo83rWo=
x-served-by
cache-hhn4039-HHN
last-modified
Wed, 13 Apr 2022 09:18:12 GMT
server
AmazonS3
x-timer
S1649901083.421008,VS0,VE0
date
Thu, 14 Apr 2022 01:51:23 GMT
vary
Accept-Encoding
x-amz-request-id
P9D30E4GEYXM9AQR
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
62
x-cache-hits
4
publisher:getClientId
ampcid.google.com/v1/ 		74 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
horizon-client-js.min.js
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-client-js.min.js
Requested by
Host: barra.globo.com
URL: https://barra.globo.com/gl/ba/oidcprodutos/js/barra-globocom.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-openstack-request-id
tx3fea072c0a174b288981a-0062577dc7
last-modified
Fri, 13 Nov 2020 17:21:38 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
text/javascript
x-timestamp
1605288097.88717
cache-control
public, max-age=600
x-trans-id
tx3fea072c0a174b288981a-0062577dc7
x-request-id
3bf14504-550c-4749-b638-4a4dcf4e4104
glb-pv-min.js
s.glbimg.com/bu/rt/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/bu/rt/js/glb-pv-min.js
Requested by
Host: barra.globo.com
URL: https://barra.globo.com/gl/ba/oidcprodutos/js/barra-globocom.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
398811873 ra09 20 10
age
2587
content-length
969
x-xss-protection
1; mode=block
x-request-id
bfd4a104-6efe-4a63-b89b-97248c8db4c6
last-modified
Mon, 04 Feb 2019 16:44:48 GMT
x-thanos
0AB4D01E
etag
W/"5c586c00-703"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
via
2.0 CachOS
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Thu, 14 Apr 2022 02:08:15 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6035227/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:44:51 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
393
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
7ed1bzRo-qr4RlA4ucxae7s1_NIYK-LeO3Wmtu058aasZ1RPE9YW9g==

Redirect headers

location
/internal-c2/default/cs.js
date
Thu, 14 Apr 2022 01:51:23 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
content-length
0
x-amz-cf-id
IqpfhrfRiwvC2TwiMTjWdSazq4GrvbrTVfAWs1CdXMYjYlkjaIYg8A==
x-cache
Miss from cloudfront
globoid-js.min.js
s3.glbimg.com/v1/AUTH_05f06ca986b54d6e9c5df94927ccf7fc/libs/globoid-js/1.4.1/ 		159 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/v1/AUTH_05f06ca986b54d6e9c5df94927ccf7fc/libs/globoid-js/1.4.1/globoid-js.min.js
Requested by
Host: barra.globo.com
URL: https://barra.globo.com/gl/ba/oidcprodutos/js/barra-globocom.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
ee72a800f0e75a30ba23632ed5689c707913bb9c598e22a825af375d10a2bc75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-openstack-request-id
tx7e989fae8a924e8a9e152-0062577e04
last-modified
Tue, 29 Sep 2020 17:43:36 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
text/html
x-timestamp
1601401415.68699
cache-control
public, max-age=180
x-trans-id
tx7e989fae8a924e8a9e152-0062577e04
x-request-id
e7c87afa-9416-4ba5-9a52-2370924673db
p
sb.scorecardresearch.com/ 		43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=6035227&ns__t=1649901084983&ns_c=UTF-8&c8=QUEM%20-%20Fotos%2C%20not%C3%ADcias%2C%20comportamento%20e%20flagras%20dos%20famosos%20e%20celebridades&c7=https%3A%2F%2Frevistaquem.globo.com%2F&c9=
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
content-length
43
x-amz-cf-id
VCm2sisEbNH3fmmlDWivYI2xzexC0m_FtEo-XYr_KxXO7uBO4In_oA==
x-cache
Miss from cloudfront
content-type
image/gif
sexqhznbn.js
cdn.krxd.net/controltag/ Frame D488 		75 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/sexqhznbn.js
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f0dd0b8ab5c30cabf8f8e21661aa92f32ece402684639a8b602ae838a983e471

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Thu, 14 Apr 2022 01:51:23 GMT
via
1.1 varnish, 1.1 varnish
age
644
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
20907
x-served-by
config-service-a003-ash-prod.krxd.net, cache-iad-kjyo7100095-IAD, cache-hhn4020-HHN
x-response-time
1
x-do-esi
esi
x-timer
S1649901083.489264,VS0,VE0
etag
"0df39343c53b5029091db9735e972c74b18dfa73"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 10
modules.0076bf93c385ddf0ff58.js
script.hotjar.com/ 		239 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.0076bf93c385ddf0ff58.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-849637.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-122.fra56.r.cloudfront.net
Software
/
Resource Hash
e0e44c153e6969ff112250bc468dd4615e5f48f2b2db3e3ffabc11be9d9b6313
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 10:49:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
54137
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
63817
access-control-allow-origin
*
last-modified
Wed, 13 Apr 2022 10:48:29 GMT
etag
"838915b4bc2438e3190a8320d0520962"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
vpkUuJijpYNFXszOwtBovusgdkAmxHP-DbWCxEi33yNFyOvFOAUhpA==
cadun.js
s.glbimg.com/pc/ca/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/pc/ca/cadun.js
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/profiling/profiling.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
398811874 ra09 20 10
age
17013
content-length
5547
x-xss-protection
1; mode=block
x-request-id
1fd94bae-8a34-4bdd-be2b-561c44a921f7
last-modified
Wed, 27 Jan 2021 20:50:06 GMT
x-thanos
0AB4D01E
etag
W/"6011d1fe-3759"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
via
2.0 CachOS
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Wed, 20 Apr 2022 21:07:50 GMT
schemas
horizon-schemas.globo.com/ 		126 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://horizon-schemas.globo.com/schemas
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.117 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-117.prt.globo.com
Software
/
Resource Hash
e3cb72fa88eb1d422d6f44b3cdec51f37e56977dc75c7b5039d50c98a7bc352c
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
880707436 ra03 11 14
age
3922
vary
X-Forwarded-Proto, Accept-Encoding, Origin
content-length
12010
x-xss-protection
1; mode=block
x-request-id
411f5e77-dcd6-4a0d-973c-76d29e36aa86
access-control-allow-origin
https://revistaquem.globo.com
x-thanos
0AB1D026
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/json; charset=UTF-8
via
2.0 CachOS
cache-control
max-age=7200, public
accept-ranges
bytes
i
ivccf.ivcbrasil.org.br/ 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivccf.ivcbrasil.org.br/i?stm=1649901085184&e=pv&url=https%3A%2F%2Frevistaquem.globo.com%2F&page=QUEM%20-%20Fotos%2C%20not%C3%ADcias%2C%20comportamento%20e%20flagras%20dos%20famosos%20e%20celebridades&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=142&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=7737b20e-b2cc-4485-b052-26bfa8761cb8&dtm=1649901085182&vp=1600x1200&ds=1600x5023&vid=1&sid=625b9f8e-b269-4150-9a5d-42e49bc58a94&duid=db370b26-2fde-4076-829f-b6c49b48be25&fp=3363920279
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.41.107.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-107-6.us-west-2.compute.amazonaws.com
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:24 GMT
Server
Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
req
cdn.navdmp.com/ 		6 B
79 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=108da55acaf4eb020e8a3c074b10&acc=13574&url=https%3A//revistaquem.globo.com/&tit=QUEM%20-%20Fotos%2C%20not%EDcias%2C%20comportamento%20e%20flagras%20dos%20famosos%20e%20celebridades&h1=Quem
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fb8cbcd1d9859dd-MXP
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/x-javascript
usermatch.gif
beacon.krxd.net/ 		0
338 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=108da55acaf4eb020e8a3c074b10
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1649901083
x-served-by
beacon-n020-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
publisher:getClientId
ampcid.google.de/v1/ 		3 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
box-4924254a9ce4dc9b959b6e4a9b662d60.html
vars.hotjar.com/ Frame 08D4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-849637.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-40.fra60.r.cloudfront.net
Software
/
Resource Hash
67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
54137
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 13 Apr 2022 10:49:06 GMT
etag
"1635635016e428baa170305e9282c34a"
last-modified
Wed, 13 Apr 2022 10:48:29 GMT
vary
Accept-Encoding
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-id
i05gWC_hr6cC2H0wNCwrZ2yUGkY_G5GPA1MTzsocigUrRDc6rw4X6Q==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
req
cdn.navdmp.com/ 		6 B
59 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=108da546392a2c36d93faa665910&acc=46169&tit=QUEM%20-%20Fotos%2C%20not%EDcias%2C%20comportamento%20e%20flagras%20dos%20famosos%20e%20celebridades
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm46169.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fb8cbcd5dc559dd-MXP
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/x-javascript
controltag.js.f5d7048d3841bccb4f5d92333c20b066
cdn.krxd.net/ctjs/ Frame D488 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sexqhznbn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c22fbbe4bf63288095e3c83d2858a1f4b65b1acdc77ac28785824b184953f0d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
age
780035
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
2314
content-length
84741
x-served-by
cache-hhn4020-HHN
last-modified
Fri, 01 Apr 2022 11:47:20 GMT
x-timer
S1649901084.771286,VS0,VE0
etag
"f5d7048d3841bccb4f5d92333c20b066"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Mon, 29 Mar 2032 11:47:19 GMT
utag.25.js
tags.tiqcdn.com/utag/globo/editora/prod/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/globo/editora/prod/utag.25.js?utv=ut4.44.202202241510
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fef5a532b71ee7e705550d686460033c32173ef2d893dc2d0328c037dfc6e57f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
last-modified
Thu, 24 Feb 2022 15:10:36 GMT
server
AkamaiNetStorage
etag
"01c6d18e3107da97119e2de348cc19bb:1645715436.481591"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
2597
expires
Fri, 29 Apr 2022 01:51:23 GMT
utag.24.js
tags.tiqcdn.com/utag/globo/editora/prod/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/globo/editora/prod/utag.24.js?utv=ut4.44.201903201746
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
54a87ff9ead205dbc3a99e2520f1b743ca86d63f91698b3eaaf98858a9563f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
last-modified
Tue, 05 Jan 2021 14:22:26 GMT
server
AkamaiNetStorage
etag
"2a112ea085f42ed67f849727a0be3a97:1609856546.335351"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
3457
expires
Fri, 29 Apr 2022 01:51:23 GMT
utag.29.js
tags.tiqcdn.com/utag/globo/editora/prod/ 		1 KB
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/globo/editora/prod/utag.29.js?utv=ut4.44.201911252014
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9d4f298b9266e5e548da14a56548eedc87dff49e1fc054dc7fd7b19cf0db55d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:23 GMT
content-encoding
gzip
last-modified
Tue, 05 Jan 2021 14:22:22 GMT
server
AkamaiNetStorage
etag
"c1b2fbf362855ad1a62e74c71220384b:1609856542.812869"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
695
expires
Fri, 29 Apr 2022 01:51:23 GMT
regular.woff2
s3.glbimg.com/cdn/fonts/proximanova/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.glbimg.com/cdn/fonts/proximanova/regular.woff2
Requested by
Host: barra.globo.com
URL: https://barra.globo.com/gl/ba/oidcprodutos/css/barra-globocom.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
961d2527913673b9488d10ca5f8ceb13ad768457a5918d1595b9fafbd8ad08a3

Request headers

Referer
https://barra.globo.com/
Origin
https://revistaquem.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
x-openstack-request-id
tx90e3d92db70f498e8f7cb-006220ea8a
last-modified
Tue, 25 Jun 2019 17:42:57 GMT
x-thanos
0AB24047
etag
a28c6bf751afd0731507d904609fe5da
vary
Accept-Encoding, Origin
content-type
application/font-woff2
access-control-allow-origin
*
access-control-expose-headers
x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
cache-control
public, max-age=31536000
content-length
20904
accept-ranges
bytes
x-trans-id
tx90e3d92db70f498e8f7cb-006220ea8a
x-request-id
f922ea6d-98ac-47ea-82a1-e004a1202b88
x-timestamp
1561484576.57450
horizon-pageview
horizon.globo.com/auth-session/activity/revistaquem/ 		0
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://horizon.globo.com/auth-session/activity/revistaquem/horizon-pageview?object=https%3A%2F%2Frevistaquem.globo.com%2F&Referrer=&tags=&client_version=0.3.11
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
x-served-from
hzt-tsuru
content-length
0
strict-transport-security
max-age=60
content-type
text/plain; charset=UTF-8
collect
stats.g.doubleclick.net/j/ 		1 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6883270-1&cid=416071499.1649901085&jid=1139464064&gjid=1557078903&_gid=585604907.1649901085&_u=YGBAgEABAAQCAE~&z=1332237216
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 14 Apr 2022 01:51:23 GMT
content-type
text/plain
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=590669618&t=pageview&_s=1&dl=https%3A%2F%2Frevistaquem.globo.com%2F&ul=en-us&de=UTF-8&dt=QUEM%20-%20Fotos%2C%20not%C3%ADcias%2C%20comportamento%20e%20flagras%20dos%20famosos%20e%20celebridades&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAQC~&jid=1139464064&gjid=1557078903&cid=416071499.1649901085&tid=UA-6883270-1&_gid=585604907.1649901085&gtm=2wg460NFL7JHW&cd2=Capa&cd6=&cd7=&cd8=&cd9=&cd10=&cd11=&cd12=&cd13=&cd14=&cd15=&cd16=&cd17=&cd18=&cd19=responsivo&cd60=N%C3%A3o&cd5=416071499.1649901085&z=1726278023
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Apr 2022 18:48:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
25374
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1.tiny.js
static.infoglobo.com.br/paywall/js/ 		27 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/1.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
e433fd58b79aab4ef01540c2f460f9ea075b90fb5dd450428d0196b2beb493aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:41:57 GMT
Content-Encoding
gzip
Age
566
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
4543
Last-Modified
Mon, 11 Apr 2022 21:33:19 GMT
Server
Apache
ETag
"a0401e83-6ad3-5dc67b15da5c0"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
X-Cache-Hits
3292
17.tiny.js
static.infoglobo.com.br/paywall/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.infoglobo.com.br/paywall/js/17.tiny.js
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.177.167 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
Apache /
Resource Hash
b6b1391a9a499184a9d60faa2e8b212622dc880b1c5b5462fa99c559c9dea55d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:41:56 GMT
Content-Encoding
gzip
Age
567
grace
none
X-Cache
HIT
Connection
Keep-Alive
Content-Length
1866
Last-Modified
Mon, 11 Apr 2022 21:33:19 GMT
Server
Apache
ETag
"a049c961-16a1-5dc67b15da5c0"
vary
X-Forwarded-Proto
Content-Type
text/javascript
Access-Control-Allow-Origin
*
cache-control
public, max-age=1800
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
X-Cache-Hits
3230
load
experience.tinypass.com/xbuilder/experience/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://experience.tinypass.com/xbuilder/experience/load?aid=VnaP3rYVKc
Requested by
Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52da9a9e9b8e27c39dc5352c75f944738f6941b905541c0b6a42a3f725bd617e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
br
vary
accept-encoding
cf-cache-status
HIT
age
3238
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Cqb1barqfsU
wn
prod-exp-10-0-112-65
last-modified
Thu, 14 Apr 2022 00:57:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=1800
cf-ray
6fb8cbcf0d2a3745-MXP
expires
Thu, 14 Apr 2022 02:21:24 GMT
newslist.json
revistaquem.globo.com/ 		19 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://revistaquem.globo.com/newslist.json?section=quem-acontece&limit=41&init=0&site=revistaquem
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/script/bundle-min_230f8625e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.156 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-156.prt.globo.com
Software
/ Express
Resource Hash
2f1b3941c95cc86eccf37613b6a658b61dfd925340a2f22d3e5729eb735daf17

Request headers

Referer
https://revistaquem.globo.com/
original-uuid
ff0b632a-1d9a-49d9-875a-8216683ab771
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-bip
381903036 asra03mp05lx03ca10.globoi.com
age
178
x-powered-by
Express
content-length
5751
x-request-id
9810f88a-f14a-4f0c-85ec-a764e1c2c0ad
original-uuid
f6883d5d-cedd-45e6-9ec0-bdbe86b8ceb7
x-thanos
0AB1D11D
etag
W/"4de2-Mw/0OPMubfoaPxS2vfGodj2PFks"
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, X-Nw-St
content-type
application/json; charset=utf-8
via
2.0 CachOS
cache-control
max-age=300, stale-while-revalidate=120, stale-if-error=31536000
accept-ranges
bytes
x-robots-tag
noindex, nofollow
/
revistaquem.globo.com/one-signal/definition/
Redirect Chain
  • https://revistaquem.globo.com/one-signal/definition
  • https://revistaquem.globo.com/one-signal/definition/
94 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://revistaquem.globo.com/one-signal/definition/
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
186.192.81.156 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-156.prt.globo.com
Software
/ Express
Resource Hash
8b29691a91ee4c0f1d407cf959f43101bc58f6f6e702198e76b5f8cfd8f92d4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
original-uuid
ac6e15b7-bc83-4ecf-9951-d4e7ff4c6dde
x-bip
599460239 asra03mp05lx03ca10.globoi.com
age
85
x-powered-by
Express
etag
W/"5e-kZJYeqm5AcdAtDMzxN2r5am5R4c"
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, X-Nw-St
content-type
application/json; charset=utf-8
via
2.0 CachOS
cache-control
max-age=300
accept-ranges
bytes
x-thanos
0AB1D11D
content-length
107
x-request-id
9af4f686-d819-414f-9048-34406fa8fa9f

Redirect headers

date
Thu, 14 Apr 2022 01:51:24 GMT
via
2.0 CachOS
x-bip
753470044 asra03mp05lx03ca10.globoi.com
age
73
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, X-Nw-St
content-type
text/html
location
https://revistaquem.globo.com/one-signal/definition/
x-thanos
0AB1D11D
content-length
178
x-request-id
362f4beb-b49e-49ef-8818-a3c86c822f6e
ajax-loader_6660c52580.gif
s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/media/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/media/ajax-loader_6660c52580.gif
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-shell_78e521014c.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
483c4a0396691993a641ec409c44b8b7e1daab0ae7e2b2944c4bc59520bb7655

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-shell_78e521014c.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
x-openstack-request-id
txa530922e6bb6471cb3307-006246f9ed
last-modified
Wed, 09 Mar 2022 17:39:55 GMT
x-trans-id
txa530922e6bb6471cb3307-006246f9ed
x-thanos
0AB24042
etag
faa74e8c61fc64d5edb11613c7eead2c
vary
Accept-Encoding, Origin
content-type
image/gif
x-timestamp
1646847594.11221
cache-control
max-age=31536001, stale-while-revalidate=2, stale-if-error=31535999
accept-ranges
bytes
content-length
2545
x-request-id
b8315509-b3a3-4110-8aae-e0d605f24adf
bkg-newsletter_d773ce6c90.png
s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/media/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/media/bkg-newsletter_d773ce6c90.png
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-shell_78e521014c.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
f9cde36d04db73e25983dfd84384caebe402a0c5d8d8193ea18e2e50787c7632

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/themes/revistaquem/style/quem-shell_78e521014c.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
x-openstack-request-id
tx9b9109ba67d64f1d8c579-006246f9ea
last-modified
Wed, 09 Mar 2022 17:39:55 GMT
x-trans-id
tx9b9109ba67d64f1d8c579-006246f9ea
x-thanos
0AB24042
etag
e105624d9b4a285e548960b7b52b9651
vary
Accept-Encoding, Origin
content-type
image/png
x-timestamp
1646847594.46282
cache-control
max-age=31536001, stale-while-revalidate=2, stale-if-error=31535999
accept-ranges
bytes
content-length
9619
x-request-id
0e6e6193-82a4-46ad-bf2f-b7ca96b9a29a
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=448175289087284&ev=Microdata&dl=https%3A%2F%2Frevistaquem.globo.com%2F&rl=&if=false&ts=1649901085504&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20QUEM%20-%20Fotos%2C%20not%C3%ADcias%2C%20comportamento%20e%20flagras%20dos%20famosos%20e%20celebridades%22%2C%22meta%3Adescription%22%3A%22Confira%20not%C3%ADcias%20sobre%20os%20famosos%20e%20celebridades%20do%20Brasil%20e%20do%20mundo.%20Veja%20fotos%20e%20flagra%20dos%20eventos%20mais%20badalados%20e%20tudo%20o%20que%20voc%C3%AA%20sempre%20quis%20saber%20dos%20artistas%20aqui%20na%20QUEM%22%2C%22meta%3Akeywords%22%3A%22celebridade%20da%20semana%2C%20famoso%20da%20semana%2C%20celebridades%20QUEM%2C%20famosos%20QUEM%2C%20festa%20das%20celebridades%2C%20novo%20visual%20das%20celebridades%2C%20novo%20visual%20dos%20famosos%2C%20entrevistas%2C%20vida%20dos%20famosos%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fs3.glbimg.com%2Fv1%2FAUTH_6fe2c04fd96b44a3802fd18cbc408596%2Fassets%2Fthemes%2Frevistaquem%2Fmedia%2Fog-image-quem_8fda4aabb9.png%22%2C%22og%3Adescription%22%3A%22Confira%20not%C3%ADcias%20sobre%20os%20famosos%20e%20celebridades%20do%20Brasil%20e%20do%20mundo.%20Veja%20fotos%20e%20flagra%20dos%20eventos%20mais%20badalados%20e%20tudo%20o%20que%20voc%C3%AA%20sempre%20quis%20saber%20dos%20artistas%20aqui%20na%20QUEM%22%2C%22og%3Atitle%22%3A%22%20QUEM%20-%20Fotos%2C%20not%C3%ADcias%2C%20comportamento%20e%20flagras%20dos%20famosos%20e%20celebridades%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1649901084815.1599294466&it=1649901084676&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 14 Apr 2022 01:51:24 GMT
5007d44e-09d1-49b7-8c99-6b1cc38c3cbc
consumer.krxd.net/consent/get/ Frame D488 		220 B
307 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b7d8acf20075b97993e5d54624cf85ac868df2398985371d5c8555a45425c418

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a004-dub-prod.krxd.net, cache-hhn4083-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1649901084.064690,VS0,VE31
content-length
184
x-cache-hits
0, 0
271593406740706
connect.facebook.net/signals/config/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/271593406740706?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
06edb247c5467d6b3fcb11c7064dd3d8803c6b41511f09cc02160dff739ae295
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89403
x-xss-protection
0
pragma
public
x-fb-debug
NeyCpD+IWj8O842PfO7wxsILrJkyCHXC+EL4CiRgIt9I4gMHPgFb4hQm1iK8T9L3EenX61MQFaWMPY/4loL8LQ==
x-frame-options
DENY
date
Thu, 14 Apr 2022 01:51:24 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
15688_quem.js
ads.rubiconproject.com/prebid/ 		412 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/15688_quem.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.25.js?utv=ut4.44.202202241510
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9f4f29db5b938c1593babc59fe2375de202a2e0df16c8a97036d5dc2857b5ab5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
last-modified
Wed, 13 Apr 2022 21:41:19 GMT
server
Apache
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=2898
access-control-allow-credentials
true
accept-ranges
bytes
content-length
111610
expires
Thu, 14 Apr 2022 02:39:42 GMT
J2lZajxx.js
cdn.krxd.net/controltag/ 		107 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/J2lZajxx.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.29.js?utv=ut4.44.201911252014
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1c4d3b42ea49082ad71d280333662e2230c0fbc7fa53cec90e3d99d9a35d359d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Thu, 14 Apr 2022 01:51:24 GMT
via
1.1 varnish, 1.1 varnish
age
575
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
22731
x-served-by
config-service-a001-ash-prod.krxd.net, cache-iad-kjyo7100167-IAD, cache-hhn4020-HHN
x-response-time
2
x-do-esi
esi
x-timer
S1649901084.080761,VS0,VE0
etag
"b1b6d4505c91e03d87bbe23ab4a106cbe18cf575"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 3
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=globo/editora/202204052058&cb=1649901085580
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Thu, 14 Apr 2022 02:01:24 GMT
report-page-structure
nr-events.taboola.com/newsroom/1.0/editoraglobo-revistaquem/ Frame 6803 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://nr-events.taboola.com/newsroom/1.0/editoraglobo-revistaquem/report-page-structure?page.url=https%3A%2F%2Frevistaquem.globo.com%2F&view.id=543910411116931719&page.template=home&page.dashboard=home&ui=12bd2ec2-7571-46a2-9c06-a8286215fc2b-tuct951039b
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://revistaquem.globo.com
Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
date
Thu, 14 Apr 2022 01:51:24 GMT
server
nginx
tbl-x-upstream
10.45.181.209:8080
via
1.1 varnish
x-application-context
front-page-event-server:production
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4039-HHN
x-timer
S1649901084.084678,VS0,VE9
login.css
s.glbimg.com/pc/ca/ 		846 B
836 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.glbimg.com/pc/ca/login.css
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.5 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-5.prt.globo.com
Software
/
Resource Hash
d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-bip
418207025 ra09 20 10
age
17009
content-length
431
x-xss-protection
1; mode=block
x-request-id
7d60ee1e-189d-436f-9993-45c52d42ee88
last-modified
Wed, 27 Jan 2021 20:50:06 GMT
x-thanos
0AB4D01E
etag
W/"6011d1fe-34e"
vary
Accept-Encoding, Origin
content-type
text/css
via
2.0 CachOS
cache-control
max-age=604800
accept-ranges
bytes
access-control-allow-headers
Content-Type
expires
Wed, 20 Apr 2022 21:07:54 GMT
logged
cocoon.globo.com/v2/user/ 		187 B
699 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cocoon.globo.com/v2/user/logged
Requested by
Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
201.7.182.243 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
/
Resource Hash
da0d7b33d5125507bc4d5f3eb719b6a7b592f08dae18372e5ea60dab5a781777

Request headers

Referer
https://revistaquem.globo.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
x-thanos
0A8490A7
vary
Accept-Encoding
access-control-allow-methods
POST, OPTIONS
p3p
CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
access-control-allow-origin
https://revistaquem.globo.com
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
x-request-id
9503984d-9d10-4916-b65e-a437fb1ead5a
logged
cocoon.globo.com/v2/user/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cocoon.globo.com/v2/user/logged
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
201.7.182.243 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
POST
Origin
https://revistaquem.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:24 GMT
x-request-id
debe73ef-56d3-4067-b313-90b68102f18c
x-thanos
0A83D0A3
tinypass.min.js
cdn.tinypass.com/api/ 		279 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=VnaP3rYVKc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9f709689168ac389970872fab40c43343c086f9da673ff568b261dfb2f13159
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
4135
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
M4MYVVNJJ1TD8S3X
x-amz-id-2
6qPPTPS37fahVPeJnymnknA4F1NJtWPu2GTQ0arMOV/9MB1jZFBfYrAVbm39AupOjvv3ZeD//Gg=
last-modified
Mon, 11 Apr 2022 07:19:05 GMT
server
cloudflare
etag
W/"fba456d5afd712a719f382e1fbfaec03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
6fb8cbcfcdc23745-MXP
expires
Thu, 14 Apr 2022 05:51:24 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=271593406740706&ev=PageView&dl=https%3A%2F%2Frevistaquem.globo.com%2F&rl=&if=false&ts=1649901085623&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1649901084815.1599294466&it=1649901084676&coo=false&rqm=GET
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 14 Apr 2022 01:51:24 GMT
controltag.js.f5d7048d3841bccb4f5d92333c20b066
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/J2lZajxx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c22fbbe4bf63288095e3c83d2858a1f4b65b1acdc77ac28785824b184953f0d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
age
780036
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
2315
content-length
84741
x-served-by
cache-hhn4020-HHN
last-modified
Fri, 01 Apr 2022 11:47:20 GMT
x-timer
S1649901084.124989,VS0,VE0
etag
"f5d7048d3841bccb4f5d92333c20b066"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Mon, 29 Mar 2032 11:47:19 GMT
usermatch.gif
beacon.krxd.net/ Frame D488
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=google
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3h1d1V1RG0
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM_IfDxf-6g8Me0hMOJoOE8&google_cver=1
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM_IfDxf-6g8Me0hMOJoOE8&google_cver=1
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1649901084
x-served-by
beacon-n005-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEM_IfDxf-6g8Me0hMOJoOE8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame D488
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3h1d1V1RG0
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=T3h1d1V1RG0&google_tc=
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJkn2ej7MocwjSFEDDW4qCU&google_cver=1
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJkn2ej7MocwjSFEDDW4qCU&google_cver=1
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
cache-control
private, no-cache, no-store
x-request-time
D=61 t=1649901084
x-served-by
beacon-n013-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJkn2ej7MocwjSFEDDW4qCU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame D488
Redirect Chain
  • https://stags.bluekai.com/site/26357?id=OxuwUuDm&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOxuwUuDm%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
  • https://beacon.krxd.net/usermatch.gif?_kuid=OxuwUuDm&partner=bluekai&bk_uuid=$_BK_UUID
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?_kuid=OxuwUuDm&partner=bluekai&bk_uuid=$_BK_UUID
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
cache-control
private, no-cache, no-store
x-request-time
D=42 t=1649901084
x-served-by
beacon-n015-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://beacon.krxd.net/usermatch.gif?_kuid=OxuwUuDm&partner=bluekai&bk_uuid=$_BK_UUID
Date
Thu, 14 Apr 2022 01:51:24 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
usermatch.gif
beacon.krxd.net/ Frame D488
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://gum.criteo.com/sync?s=1&c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=uLrOQwf3jZ61m4tbl-GgQWCN1ELkYCUr
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=uLrOQwf3jZ61m4tbl-GgQWCN1ELkYCUr
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1649901084
x-served-by
beacon-n007-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=uLrOQwf3jZ61m4tbl-GgQWCN1ELkYCUr
date
Thu, 14 Apr 2022 01:51:24 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
6048
content-length
218
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
p
sb.scorecardresearch.com/ Frame D488 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OxuwUuDm&rn=1649901086
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
content-length
43
x-amz-cf-id
DhXNhSPESag1DGxlyIl8-QHAeqzFe5TQO_Ecblj0Cvo-luNfdDi55w==
x-cache
Miss from cloudfront
content-type
image/gif
usermatch.gif
beacon.krxd.net/ Frame D488
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=OxuwUuDm&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=66757&&dpuuid=OxuwUuDm&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D
  • https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=36295262786344900703919546269068142132
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=36295262786344900703919546269068142132
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
cache-control
private, no-cache, no-store
x-request-time
D=187 t=1649901084
x-served-by
beacon-n019-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

DCS
dcs-prod-irl1-1-v031-08173123b.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
g7KBGkAlS8w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=36295262786344900703919546269068142132
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
usermatch.gif
beacon.krxd.net/ Frame D488
Redirect Chain
  • https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fadnxs_uid%3D%24UID
  • https://beacon.krxd.net/usermatch.gif?adnxs_uid=7704152931637928568
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?adnxs_uid=7704152931637928568
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1649901084
x-served-by
beacon-n002-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:24 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
05ca1993-50a7-430b-a009-0449ebd98b76
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://beacon.krxd.net/usermatch.gif?adnxs_uid=7704152931637928568
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame D488
Redirect Chain
  • https://ib.adnxs.com/mapuid?member_id=1780&user=OxuwUuDm
  • https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember_id%3D1780%26user%3DOxuwUuDm
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember_id%3D1780%26user%3DOxuwUuDm
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
HTTP/1.1
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:24 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5a57ee72-094a-4278-9e3b-e1c7a7449b8a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:24 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
efc6bb50-f98a-4ef1-90b8-0145364daae9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember_id%3D1780%26user%3DOxuwUuDm
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
379708.gif
idsync.rlcdn.com/ Frame D488 		42 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/379708.gif?partner_uid=OxuwUuDm
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:24 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
token
token.rubiconproject.com/ Frame D488 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=27384&puid=krux_id&gdpr=0
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
pixel-sync.sitescout.com/connectors/krux/ Frame D488
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=sitescout
  • https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OxuwUuDm&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID
0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OxuwUuDm&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:23 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OxuwUuDm&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID
date
Thu, 14 Apr 2022 01:51:24 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a010-ash-prod.krxd.net
usermatch.gif
beacon.krxd.net/ Frame D488
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=verizon
  • https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=OxuwUuDm
  • https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-FqJgcg9E2pt92P_OajUg4rmAKWDFvhtm7g--~A
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-FqJgcg9E2pt92P_OajUg4rmAKWDFvhtm7g--~A
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
cache-control
private, no-cache, no-store
x-request-time
D=70 t=1649901084
x-served-by
beacon-n009-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 14 Apr 2022 01:51:24 GMT
via
http/1.1 spdc0101.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-FqJgcg9E2pt92P_OajUg4rmAKWDFvhtm7g--~A
content-length
0
sync
sync.navdmp.com/ Frame D488
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=navegg
  • https://sync.navdmp.com/sync?prtid=30&salid=OxuwUuDm
6 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?prtid=30&salid=OxuwUuDm
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fb8cbd22a6f59dd-MXP
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript

Redirect headers

location
https://sync.navdmp.com/sync?prtid=30&salid=OxuwUuDm
date
Thu, 14 Apr 2022 01:51:24 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a013-ash-prod.krxd.net
usermatch.gif
beacon.krxd.net/ Frame D488
Redirect Chain
  • https://sync.1rx.io/usersync/krux/OxuwUuDm?dspret=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync/krux/OxuwUuDm?zcc=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D&cb=1649901084343
  • https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=OPTOUT
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=OPTOUT
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
cache-control
private, no-cache, no-store
x-request-time
D=38 t=1649901084
x-served-by
beacon-n008-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:24 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
getdata.xgi
r.nexac.com/e/ Frame D488 		0
0
15688-pbjs-floors.json
ads.rubiconproject.com/floors/ 		62 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/floors/15688-pbjs-floors.json
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_quem.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8a80deb88f7a282768b77eac8c7fd6811a7a01054e1970f2379e1c3f241400eb

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
last-modified
Thu, 14 Apr 2022 00:41:01 GMT
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1500
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5469
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220414
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_quem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f79d38dfdc7c2c8c0b86abe620e091e7f08ab89d01bbea99079e48cd05a5b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
39023
x-jsd-version
1.0.1310
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19168-FRA, cache-itm18845-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66b-hCle58xn/UUmnX3Cy1l3ibLPpDs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cL7vl2vWo6d1lxFIvTDk%2Ftqt6pI%2B9W9%2BfiO5n12VCnH9vj%2BZWmI%2BBPDoRsof7S9o31HrX%2F%2F0Q78G8onK31Ac%2BWgLESf53CWc%2B7ZlmPLZRRSCn52sDJEtVYnyO81oiMAetUrWIaOmUkuqNQBviBg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6fb8cbd09e7759fb-MXP
access-control-expose-headers
*
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=revistaquem.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=revistaquem.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1762467406505537&correlator=4393895811950707&eid=31067075%2C31062931&output=ldjh&gdfp_req=1&vrg=2022040701&ptt=17&impl=fif&iu_parts=85042905%2Cedquem%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250&ifi=1&adks=1619879412&sfv=1-0-38&ecs=20220414&fsapi=false&prev_scp=Editora.Pos%3DVitrine&eri=1&cust_params=editora.url%3D%26keywords%3Dcelebridade%2520da%2520semana%252C%2520famoso%2520da%2520semana%252C%2520celebridades%2520QUEM%252C%2520famosos%2520QUEM%252C%2520festa%2520das%2520celebridades%252C%2520novo%2520visual%2520das%2520celebridades%252C%2520novo%2520visual%2520dos%2520famosos%252C%2520entrevistas%252C%2520vida%2520dos%2520famosos%26ognCluster%3D%26kuid%3D%26nvg_gender%3D%26nvg_age%3D%26nvg_educat%3D%26nvg_marita%3D%26nvg_income%3D%26nvg_connec%3D%26nvg_city%3D%26nvg_region%3D%26nvg_countr%3D%26nvg_everyo%3D%26nvg_custom%3D%26nvg_brand%3D%26nvg_intere%3D%26nvg_produc%3D%26nvg_career%3D%26nvg_everyb%3D%26nvg_pgende%3D%26nvg_page%3D%26nvg_peduca%3D%26nvg_pmarit%3D%26nvg_pincom%3D%26nvg_lookal%3D&sc=1&cookie_enabled=1&abxe=1&dt=1649901085730&lmt=1649901085&dlt=1649901083227&idt=1724&biw=1600&bih=1200&adxs=315&adys=4531&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Frevistaquem.globo.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x5219&msz=1600x60&fws=0&ohw=0&ga_vid=416071499.1649901085&ga_sid=1649901086&ga_hid=590669618&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
dad629e72db66f83347ffb17006dcd27b9296adf59739759f8cad58927ef33fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8738
x-xss-protection
0
google-lineitem-id
5768744376
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138360272835
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1762467406505537&correlator=2119571492311185&eid=31067075%2C31062931&output=ldjh&gdfp_req=1&vrg=2022040701&ptt=17&impl=fif&iu_parts=85042905%2Cedquem%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&ifi=2&adks=1107369598&sfv=1-0-38&ecs=20220414&fsapi=false&prev_scp=Editora.Pos%3DBox-Chamada%26Editora.random%3D6%26refresh%3Dtrue&eri=1&cust_params=editora.url%3D%26keywords%3Dcelebridade%2520da%2520semana%252C%2520famoso%2520da%2520semana%252C%2520celebridades%2520QUEM%252C%2520famosos%2520QUEM%252C%2520festa%2520das%2520celebridades%252C%2520novo%2520visual%2520das%2520celebridades%252C%2520novo%2520visual%2520dos%2520famosos%252C%2520entrevistas%252C%2520vida%2520dos%2520famosos%26ognCluster%3D%26kuid%3D%26nvg_gender%3D%26nvg_age%3D%26nvg_educat%3D%26nvg_marita%3D%26nvg_income%3D%26nvg_connec%3D%26nvg_city%3D%26nvg_region%3D%26nvg_countr%3D%26nvg_everyo%3D%26nvg_custom%3D%26nvg_brand%3D%26nvg_intere%3D%26nvg_produc%3D%26nvg_career%3D%26nvg_everyb%3D%26nvg_pgende%3D%26nvg_page%3D%26nvg_peduca%3D%26nvg_pmarit%3D%26nvg_pincom%3D%26nvg_lookal%3D&sc=1&cookie_enabled=1&abxe=1&dt=1649901085743&lmt=1649901085&dlt=1649901083227&idt=1724&biw=1600&bih=1200&adxs=912&adys=514&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Frevistaquem.globo.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=524x0&msz=524x0&fws=0&ohw=0&ga_vid=416071499.1649901085&ga_sid=1649901086&ga_hid=590669618&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
4ad75baebbcb819ec3214e8968e2d4f097f9e0c9450ddad294be1f76efd4052d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10043
x-xss-protection
0
google-lineitem-id
5104217023
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138385720161
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1762467406505537&correlator=4301383149234888&eid=31067075%2C31062931&output=ldjh&gdfp_req=1&vrg=2022040701&ptt=17&impl=fif&iu_parts=85042905%2Cedquem%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&adks=666146696&sfv=1-0-38&ecs=20220414&fsapi=false&prev_scp=Editora.pos%3DDhtml&eri=1&cust_params=editora.url%3D%26keywords%3Dcelebridade%2520da%2520semana%252C%2520famoso%2520da%2520semana%252C%2520celebridades%2520QUEM%252C%2520famosos%2520QUEM%252C%2520festa%2520das%2520celebridades%252C%2520novo%2520visual%2520das%2520celebridades%252C%2520novo%2520visual%2520dos%2520famosos%252C%2520entrevistas%252C%2520vida%2520dos%2520famosos%26ognCluster%3D%26kuid%3D%26nvg_gender%3D%26nvg_age%3D%26nvg_educat%3D%26nvg_marita%3D%26nvg_income%3D%26nvg_connec%3D%26nvg_city%3D%26nvg_region%3D%26nvg_countr%3D%26nvg_everyo%3D%26nvg_custom%3D%26nvg_brand%3D%26nvg_intere%3D%26nvg_produc%3D%26nvg_career%3D%26nvg_everyb%3D%26nvg_pgende%3D%26nvg_page%3D%26nvg_peduca%3D%26nvg_pmarit%3D%26nvg_pincom%3D%26nvg_lookal%3D&sc=1&cookie_enabled=1&abxe=1&dt=1649901085747&lmt=1649901085&dlt=1649901083227&idt=1724&biw=1600&bih=1200&adxs=0&adys=5264&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Frevistaquem.globo.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x5219&msz=1600x0&fws=0&ohw=0&ga_vid=416071499.1649901085&ga_sid=1649901086&ga_hid=590669618&ga_fc=true&btvi=2&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
9927a4cf5c349ac7b2de340041a0ad5ce14d7faaee1ad9eccae471f991ad2cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8555
x-xss-protection
0
google-lineitem-id
5588158776
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138337269136
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1762467406505537&correlator=1691349765461125&eid=31067075%2C31062931&output=ldjh&gdfp_req=1&vrg=2022040701&ptt=17&impl=fif&iu_parts=85042905%2Cedquem%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=4&adks=584105381&sfv=1-0-38&ecs=20220414&fsapi=false&prev_scp=Editora.pos%3DEspecial%26keywords%3Dcelebridade%2520da%2520semana%252C%2520famoso%2520da%2520semana%252C%2520celebridades%2520QUEM%252C%2520famosos%2520QUEM%252C%2520festa%2520das%2520celebridades%252C%2520novo%2520visual%2520das%2520celebridades%252C%2520novo%2520visual%2520dos%2520famosos%252C%2520entrevistas%252C%2520vida%2520dos%2520famosos%26Editora.random%3D2%26refresh%3Dtrue&eri=1&cust_params=editora.url%3D%26keywords%3Dcelebridade%2520da%2520semana%252C%2520famoso%2520da%2520semana%252C%2520celebridades%2520QUEM%252C%2520famosos%2520QUEM%252C%2520festa%2520das%2520celebridades%252C%2520novo%2520visual%2520das%2520celebridades%252C%2520novo%2520visual%2520dos%2520famosos%252C%2520entrevistas%252C%2520vida%2520dos%2520famosos%26ognCluster%3D%26kuid%3D%26nvg_gender%3D%26nvg_age%3D%26nvg_educat%3D%26nvg_marita%3D%26nvg_income%3D%26nvg_connec%3D%26nvg_city%3D%26nvg_region%3D%26nvg_countr%3D%26nvg_everyo%3D%26nvg_custom%3D%26nvg_brand%3D%26nvg_intere%3D%26nvg_produc%3D%26nvg_career%3D%26nvg_everyb%3D%26nvg_pgende%3D%26nvg_page%3D%26nvg_peduca%3D%26nvg_pmarit%3D%26nvg_pincom%3D%26nvg_lookal%3D&sc=1&cookie_enabled=1&abxe=1&dt=1649901085751&lmt=1649901085&dlt=1649901083227&idt=1724&biw=1600&bih=1200&adxs=488&adys=1167&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Frevistaquem.globo.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x354&msz=300x0&fws=0&ohw=0&ga_vid=416071499.1649901085&ga_sid=1649901086&ga_hid=590669618&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
3510f4c9fe53fe9946a990d973cc0d68c21732b3db03dd880023218fd0b34a51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8749
x-xss-protection
0
google-lineitem-id
5768744376
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138360272823
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		19 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1762467406505537&correlator=3602636053433890&eid=31067075%2C31062931&output=ldjh&gdfp_req=1&vrg=2022040701&ptt=17&impl=fif&iu_parts=85042905%2Cedquem%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=5&adks=727825519&sfv=1-0-38&ecs=20220414&fsapi=false&prev_scp=Editora.pos%3DTop%26keywords%3Dcelebridade%2520da%2520semana%252C%2520famoso%2520da%2520semana%252C%2520celebridades%2520QUEM%252C%2520famosos%2520QUEM%252C%2520festa%2520das%2520celebridades%252C%2520novo%2520visual%2520das%2520celebridades%252C%2520novo%2520visual%2520dos%2520famosos%252C%2520entrevistas%252C%2520vida%2520dos%2520famosos%26Editora.random%3D9%26refresh%3Dtrue&eri=1&cust_params=editora.url%3D%26keywords%3Dcelebridade%2520da%2520semana%252C%2520famoso%2520da%2520semana%252C%2520celebridades%2520QUEM%252C%2520famosos%2520QUEM%252C%2520festa%2520das%2520celebridades%252C%2520novo%2520visual%2520das%2520celebridades%252C%2520novo%2520visual%2520dos%2520famosos%252C%2520entrevistas%252C%2520vida%2520dos%2520famosos%26ognCluster%3D%26kuid%3D%26nvg_gender%3D%26nvg_age%3D%26nvg_educat%3D%26nvg_marita%3D%26nvg_income%3D%26nvg_connec%3D%26nvg_city%3D%26nvg_region%3D%26nvg_countr%3D%26nvg_everyo%3D%26nvg_custom%3D%26nvg_brand%3D%26nvg_intere%3D%26nvg_produc%3D%26nvg_career%3D%26nvg_everyb%3D%26nvg_pgende%3D%26nvg_page%3D%26nvg_peduca%3D%26nvg_pmarit%3D%26nvg_pincom%3D%26nvg_lookal%3D&sc=1&cookie_enabled=1&abxe=1&dt=1649901085755&lmt=1649901085&dlt=1649901083227&idt=1724&biw=1600&bih=1200&adxs=1136&adys=1167&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Frevistaquem.globo.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x354&msz=300x0&fws=0&ohw=0&ga_vid=416071499.1649901085&ga_sid=1649901086&ga_hid=590669618&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
d92bde9a1fa80d3f55abf5cbeb36292c2885c6d558418b9715d6a90a79a2e9cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8728
x-xss-protection
0
google-lineitem-id
5768744376
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138360272823
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CC4D 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 01:51:24 GMT
expires
Fri, 14 Apr 2023 01:51:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rodrigo-mussi-continua-evoluindo-e-abrindo-mais-vezes-os-olhos-cada-vez-mais-lucido.html
revistaquem.globo.com/QUEM-News/noticia/2022/04/ 		57 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://revistaquem.globo.com/QUEM-News/noticia/2022/04/rodrigo-mussi-continua-evoluindo-e-abrindo-mais-vezes-os-olhos-cada-vez-mais-lucido.html
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/script/bundle-min_230f8625e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.156 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-156.prt.globo.com
Software
/ Express
Resource Hash
b69c49abe718837ff9043ac2af6209617d9b7707a50a5a67f8492fa0faa2160e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-bip
599460240 asra03mp05lx03ca10.globoi.com
age
178
x-powered-by
Express
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, X-Nw-St
content-type
text/html; charset=utf-8
via
2.0 CachOS
cache-control
max-age=300, stale-while-revalidate=120, stale-if-error=31536000
accept-ranges
bytes
x-thanos
0AB1D11D
content-length
12152
x-request-id
2c22738e-a878-4e75-a965-14f0b84d1de9
apos-climao-no-passado-felipe-neto-agradece-neymar-por-ajuda-videos.html
revistaquem.globo.com/QUEM-News/noticia/2022/04/ 		56 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://revistaquem.globo.com/QUEM-News/noticia/2022/04/apos-climao-no-passado-felipe-neto-agradece-neymar-por-ajuda-videos.html
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/script/bundle-min_230f8625e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.156 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-156.prt.globo.com
Software
/ Express
Resource Hash
1f85772776b2b63de72d7fbf6ba2a67a649dad1c9cc5f7877bb640cec76904f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-bip
599460241 asra03mp05lx03ca10.globoi.com
age
178
x-powered-by
Express
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, X-Nw-St
content-type
text/html; charset=utf-8
via
2.0 CachOS
cache-control
max-age=300, stale-while-revalidate=120, stale-if-error=31536000
accept-ranges
bytes
x-thanos
0AB1D11D
content-length
11958
x-request-id
3d4a65a3-fa51-4372-8801-8dccc518253e
samara-felippo-posta-foto-de-biquini-e-de-beijos-no-marido-elidio-sanna.html
revistaquem.globo.com/QUEM-News/noticia/2022/04/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://revistaquem.globo.com/QUEM-News/noticia/2022/04/samara-felippo-posta-foto-de-biquini-e-de-beijos-no-marido-elidio-sanna.html
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/script/bundle-min_230f8625e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.156 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-156.prt.globo.com
Software
/ Express
Resource Hash
7942ea0e29c995353e08a20c2b97781bcd1df4b80c15c640d1a790d54da04818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-bip
599460242 asra03mp05lx03ca10.globoi.com
age
227
x-powered-by
Express
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, X-Nw-St
content-type
text/html; charset=utf-8
via
2.0 CachOS
cache-control
max-age=300, stale-while-revalidate=120, stale-if-error=31536000
accept-ranges
bytes
x-thanos
0AB1D11D
content-length
12694
x-request-id
1ceea69a-4607-41e6-b0e2-b86a4a806913
bruno-cardoso-anuncia-nascimento-da-filha-ainda-nao-caiu-ficha.html
revistaquem.globo.com/QUEM-News/noticia/2022/04/ 		58 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://revistaquem.globo.com/QUEM-News/noticia/2022/04/bruno-cardoso-anuncia-nascimento-da-filha-ainda-nao-caiu-ficha.html
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/script/bundle-min_230f8625e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.156 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-156.prt.globo.com
Software
/ Express
Resource Hash
8a08328c4bcd73041a2fecd4f16efe23074dd25ccbf2ebd32d4ab2ad64f52311

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-bip
581500187 asra03mp05lx03ca10.globoi.com
age
191
x-powered-by
Express
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, X-Nw-St
content-type
text/html; charset=utf-8
via
2.0 CachOS
cache-control
max-age=300, stale-while-revalidate=120, stale-if-error=31536000
accept-ranges
bytes
x-thanos
0AB1D11D
content-length
12120
x-request-id
60b77cf7-b9ae-4a1e-a56f-e0abf4940b0b
simone-fala-sobre-suposto-afastamento-de-simaria-ela-tem-vida-dela.html
revistaquem.globo.com/QUEM-News/noticia/2022/04/ 		56 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://revistaquem.globo.com/QUEM-News/noticia/2022/04/simone-fala-sobre-suposto-afastamento-de-simaria-ela-tem-vida-dela.html
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/script/bundle-min_230f8625e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.156 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-156.prt.globo.com
Software
/ Express
Resource Hash
7f8f67fa393739ae2d8438ea639c3d15b1b27ae73456deecf17e5e47e876d724

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-bip
599460243 asra03mp05lx03ca10.globoi.com
age
7
x-powered-by
Express
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, X-Nw-St
content-type
text/html; charset=utf-8
via
2.0 CachOS
cache-control
max-age=300, stale-while-revalidate=120, stale-if-error=31536000
accept-ranges
bytes
x-thanos
0AB1D11D
content-length
11712
x-request-id
c7c9633b-e61b-424c-8bd9-e1c23eca27fb
fabio-ramalho-faz-transplante-capilar.html
revistaquem.globo.com/QUEM-News/noticia/2022/04/ 		55 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://revistaquem.globo.com/QUEM-News/noticia/2022/04/fabio-ramalho-faz-transplante-capilar.html
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/script/bundle-min_230f8625e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.156 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-156.prt.globo.com
Software
/ Express
Resource Hash
155ce132c638d82643468f7827a0c612102d1f0f06e6004405f14f396d01dba3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-bip
12935204 asra03mp05lx03ca10.globoi.com
age
178
x-powered-by
Express
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, X-Nw-St
content-type
text/html; charset=utf-8
via
2.0 CachOS
cache-control
max-age=300, stale-while-revalidate=120, stale-if-error=31536000
accept-ranges
bytes
x-thanos
0AB1D11D
content-length
11450
x-request-id
39adc5ff-a2bf-4b50-8d61-1a0c1111ef04
rafa-kalimann-e-pocah-curtem-dia-de-praia-juntas-no-rio-videos.html
revistaquem.globo.com/QUEM-News/noticia/2022/04/ 		60 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://revistaquem.globo.com/QUEM-News/noticia/2022/04/rafa-kalimann-e-pocah-curtem-dia-de-praia-juntas-no-rio-videos.html
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/script/bundle-min_230f8625e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.156 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-156.prt.globo.com
Software
/ Express
Resource Hash
be66edcd4db36136eb8bfd1b03ca972742f4ffbf84b2b74eb869c850b8b6a377

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-bip
596477328 asra03mp05lx03ca10.globoi.com
age
108
x-powered-by
Express
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, X-Nw-St
content-type
text/html; charset=utf-8
via
2.0 CachOS
cache-control
max-age=300, stale-while-revalidate=120, stale-if-error=31536000
accept-ranges
bytes
x-thanos
0AB1D11D
content-length
12254
x-request-id
6e4ac5a1-8dc9-4148-994d-b0c231372b6e
isabella-santoni-corta-cabeca-durante-surfe-e-cogita-raspar-os-cabelos.html
revistaquem.globo.com/QUEM-News/noticia/2022/04/ 		57 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://revistaquem.globo.com/QUEM-News/noticia/2022/04/isabella-santoni-corta-cabeca-durante-surfe-e-cogita-raspar-os-cabelos.html
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/script/bundle-min_230f8625e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.156 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-156.prt.globo.com
Software
/ Express
Resource Hash
64a885df491c3695b88cb90300114f33453ae230f7ded3235dbca91132882b99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-bip
326224584 asra03mp05lx03ca10.globoi.com
age
231
x-powered-by
Express
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, X-Nw-St
content-type
text/html; charset=utf-8
via
2.0 CachOS
cache-control
max-age=300, stale-while-revalidate=120, stale-if-error=31536000
accept-ranges
bytes
x-thanos
0AB1D11D
content-length
11650
x-request-id
f591ba0e-ec6a-404f-a85a-c2d2618428f5
preta-gil-estreia-nova-turne-em-celebracao-aos-20-anos-de-carreira-noite-magica.html
revistaquem.globo.com/Musica/noticia/2022/04/ 		61 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://revistaquem.globo.com/Musica/noticia/2022/04/preta-gil-estreia-nova-turne-em-celebracao-aos-20-anos-de-carreira-noite-magica.html
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/script/bundle-min_230f8625e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.156 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-156.prt.globo.com
Software
/ Express
Resource Hash
e236c35a27b818a5c6952ca03f31c0639491ed4aa332bc9cd5034ed7d53b49c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-bip
728503146 asra03mp05lx03ca10.globoi.com
age
178
x-powered-by
Express
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, X-Nw-St
content-type
text/html; charset=utf-8
via
2.0 CachOS
cache-control
max-age=300, stale-while-revalidate=120, stale-if-error=31536000
accept-ranges
bytes
x-thanos
0AB1D11D
content-length
12858
x-request-id
421de262-0cf5-400b-a52d-fcf53038e11b
hariany-almeida-e-jose-victor-pires-terminam-namoro.html
revistaquem.globo.com/QUEM-News/noticia/2022/04/ 		55 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://revistaquem.globo.com/QUEM-News/noticia/2022/04/hariany-almeida-e-jose-victor-pires-terminam-namoro.html
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/script/bundle-min_230f8625e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.81.156 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-81-156.prt.globo.com
Software
/ Express
Resource Hash
37394d3cc7b2adab449bad8a6f25e8968a1d3274f891e6175996592ffb7a078e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-bip
12935207 asra03mp05lx03ca10.globoi.com
age
178
x-powered-by
Express
vary
X-Forwarded-Proto, Accept-Encoding, User-Agent, X-Nw-St
content-type
text/html; charset=utf-8
via
2.0 CachOS
cache-control
max-age=300, stale-while-revalidate=120, stale-if-error=31536000
accept-ranges
bytes
x-thanos
0AB1D11D
content-length
11552
x-request-id
7f0b6b88-5ad6-41c5-b45c-1351eae17a86
rodrigo.mussi_274618055_3236657263277354_4894934768237598934_n.jpg
s2.glbimg.com/lJpDQF4nuyZjk00ciMp6j6iSTe8=/512x320/smart/e.glbimg.com/og/ed/f/original/2022/04/10/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/lJpDQF4nuyZjk00ciMp6j6iSTe8=/512x320/smart/e.glbimg.com/og/ed/f/original/2022/04/10/rodrigo.mussi_274618055_3236657263277354_4894934768237598934_n.jpg
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
45becafb9897215cd7d1a2ecc48c38ed304e9ad5166fb44b28500a6c7f54f1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
via
2.0 CachOS
x-bip
166885910 ra11 03 08
age
269458
etag
"4331b0caa12f54668dd88d1408ee5e2feb9f9a66"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB5D032
access-control-allow-headers
Content-Type
content-length
11374
x-request-id
b5a9aa64-0814-4140-89d9-59751ac2a65a
expires
Tue, 10 May 2022 22:56:56 GMT
bgfbgf.jpg
s2.glbimg.com/jtgPhJ4Ffi8ZFDO08jdaGWRYvxA=/512x320/smart/e.glbimg.com/og/ed/f/original/2022/04/13/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/jtgPhJ4Ffi8ZFDO08jdaGWRYvxA=/512x320/smart/e.glbimg.com/og/ed/f/original/2022/04/13/bgfbgf.jpg
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
3cd2dbeec99af4c840cea72d956ce0f19b66815932798871b0ffc1d6d67c47a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
via
2.0 CachOS
x-bip
166885911 ra11 03 08
age
3249
etag
"d4caee480d0e92195cf19cc6adfb24c940b2d842"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB5D032
access-control-allow-headers
Content-Type
content-length
16642
x-request-id
6a890591-5797-4779-8e20-c10f1693c53c
expires
Sat, 14 May 2022 00:55:44 GMT
bvbfdv.jpg
s2.glbimg.com/lx-vscXaM1wXoSpdhLvHLwOXTzg=/512x320/smart/e.glbimg.com/og/ed/f/original/2022/04/13/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/lx-vscXaM1wXoSpdhLvHLwOXTzg=/512x320/smart/e.glbimg.com/og/ed/f/original/2022/04/13/bvbfdv.jpg
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
4a1026502fbc11f9a4dd58e4db93b4df0c1df03273dcb44b0f0d03669631d5dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
via
2.0 CachOS
x-bip
171037175 ra11 03 08
age
5940
etag
"310499b79224a3f11861844047d8b1757a95336d"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB5D032
access-control-allow-headers
Content-Type
content-length
30608
x-request-id
4e4b36c7-53fb-4039-be5e-5abf6050a77e
expires
Sat, 14 May 2022 00:11:07 GMT
bcbrunocardoso_278271949_396259742506678_6673772409163625136_n.jpg
s2.glbimg.com/UbXasMYWQoicBJCzDp_cMINP4FY=/512x320/smart/e.glbimg.com/og/ed/f/original/2022/04/13/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/UbXasMYWQoicBJCzDp_cMINP4FY=/512x320/smart/e.glbimg.com/og/ed/f/original/2022/04/13/bcbrunocardoso_278271949_396259742506678_6673772409163625136_n.jpg
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
0a408e1ed78d0614e1d6c4b411bf24106f9afa6dba5ab0153bdf367e186f6530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
via
2.0 CachOS
x-bip
171719572 ra11 03 08
age
6246
etag
"b82e456234ce470ab704c8afe78aba27588928bf"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB5D032
access-control-allow-headers
Content-Type
content-length
8620
x-request-id
3d878894-1152-4a5e-9dd5-c08b7f5d3e7a
expires
Sat, 14 May 2022 00:06:42 GMT
simoneesimaria_272261106_147397314318415_7645841532552394935_n.jpg
s2.glbimg.com/EDHPPeki1Yd0wBgpWRN2fELWLeQ=/512x320/smart/e.glbimg.com/og/ed/f/original/2022/04/13/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/EDHPPeki1Yd0wBgpWRN2fELWLeQ=/512x320/smart/e.glbimg.com/og/ed/f/original/2022/04/13/simoneesimaria_272261106_147397314318415_7645841532552394935_n.jpg
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
8f1a3d598fdf99310e1bdbd044977129a199803687c4288c79cb77a32de85de2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
via
2.0 CachOS
x-bip
172401007 ra11 03 08
age
8054
etag
"66ea6bd38e46e7b533ad3689b3eb0d648e2a78e1"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB5D032
access-control-allow-headers
Content-Type
content-length
16458
x-request-id
a157f141-b1f1-4beb-9e2d-f2da35a18075
expires
Fri, 13 May 2022 23:36:02 GMT
whatsapp_image_2022-04-13_at_20.28.58.jpeg
s2.glbimg.com/ry_WjkyDCM2R0ztI0MZcNwIN5fc=/512x320/smart/e.glbimg.com/og/ed/f/original/2022/04/13/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/ry_WjkyDCM2R0ztI0MZcNwIN5fc=/512x320/smart/e.glbimg.com/og/ed/f/original/2022/04/13/whatsapp_image_2022-04-13_at_20.28.58.jpeg
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
15e5c616c72e9596d407435ea7c57fa18ddc1d7120776dde36aed479b7bc5b16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
via
2.0 CachOS
x-bip
173443679 ra11 03 08
age
8054
etag
"c80623ee2126fae47de9c16738ecb9713ac0b45c"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB5D032
access-control-allow-headers
Content-Type
content-length
22056
x-request-id
7f69d7d1-cf13-4d1d-a134-8f6db43ce4e1
expires
Fri, 13 May 2022 23:36:37 GMT
726b0483-52a1-479f-a83b-1783df8c2bd1.jpg
s2.glbimg.com/wyIrxfS1ra6CfEmZAf0eszDP-LY=/512x320/smart/e.glbimg.com/og/ed/f/original/2022/04/13/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/wyIrxfS1ra6CfEmZAf0eszDP-LY=/512x320/smart/e.glbimg.com/og/ed/f/original/2022/04/13/726b0483-52a1-479f-a83b-1783df8c2bd1.jpg
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
da81891659c1736b0db31928a9fd0312e2891bab534addf4ceab05c8bc76354e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
via
2.0 CachOS
x-bip
170288175 ra11 03 08
age
5025
etag
"ea7edfb45eec3b1027e25ce677923775711ff2a2"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB5D032
access-control-allow-headers
Content-Type
content-length
18530
x-request-id
43319f32-cfa6-40ed-a728-90bdec1d0321
expires
Sat, 14 May 2022 00:26:05 GMT
image_Qu2yZbs.png
s2.glbimg.com/WLJtPqeQ_ze3I5hlnJDFmxkq94c=/512x320/smart/e.glbimg.com/og/ed/f/original/2022/04/13/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/WLJtPqeQ_ze3I5hlnJDFmxkq94c=/512x320/smart/e.glbimg.com/og/ed/f/original/2022/04/13/image_Qu2yZbs.png
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
ff6fc2ae4c47d3651abc77109449bd3c9de1e5c854b7c51ca4b8fc1a5f199357

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
via
2.0 CachOS
x-bip
169727114 ra11 03 08
age
8611
etag
"7b71dec2f396089a49edcb4a6419b45df59d4abd"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB5D032
access-control-allow-headers
Content-Type
content-length
15284
x-request-id
da9008a5-75ed-44e7-85cc-f4106ae6c24c
expires
Fri, 13 May 2022 23:26:18 GMT
img_9414.jpg
s2.glbimg.com/zwHOb66nieQ0UrVhDEGqzK8f91o=/512x320/smart/e.glbimg.com/og/ed/f/original/2022/04/13/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/zwHOb66nieQ0UrVhDEGqzK8f91o=/512x320/smart/e.glbimg.com/og/ed/f/original/2022/04/13/img_9414.jpg
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
e1d5858a25341be3c0c52d95d1e884aeb1107ca656350096c6612966947d5b92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
via
2.0 CachOS
x-bip
173671953 ra11 03 08
age
10767
etag
"71c186639c0529513d1aad8f1efdb0021b4e5398"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB5D032
access-control-allow-headers
Content-Type
content-length
13394
x-request-id
a081f98e-de38-4676-8a1b-d0f9886885ca
expires
Fri, 13 May 2022 22:51:33 GMT
hariany-almeida-jose-victor-pires.jpg
s2.glbimg.com/a4zSrOaMwS-ou83JkZgfOnBRxEg=/512x320/smart/e.glbimg.com/og/ed/f/original/2021/10/25/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/a4zSrOaMwS-ou83JkZgfOnBRxEg=/512x320/smart/e.glbimg.com/og/ed/f/original/2021/10/25/hariany-almeida-jose-victor-pires.jpg
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
116401015af3c0c3b59e2933c637639cf768cedf4e46d8e53510b1e4d6d7c32e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
via
2.0 CachOS
x-bip
171945701 ra11 03 08
age
11918
etag
"8219ffb6fd0b8784b0d07e11751be290ef29b64e"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB5D032
access-control-allow-headers
Content-Type
content-length
21706
x-request-id
5704f9d9-cc46-43d6-b5bc-e0657977e404
expires
Fri, 13 May 2022 22:32:36 GMT
image.jpg
s2.glbimg.com/NsT1DD7Hl5UXGMWudJvJdwGVlec=/683x400/smart/e.glbimg.com/og/ed/f/original/2022/04/13/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/NsT1DD7Hl5UXGMWudJvJdwGVlec=/683x400/smart/e.glbimg.com/og/ed/f/original/2022/04/13/image.jpg
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
f9275fd4c56125b1ad5d555c4f6a3b9deb7e31974ff4f38a2a588aeb1b8ba6c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
via
2.0 CachOS
x-bip
173182585 ra11 03 08
age
19158
etag
"0c521283ceedee2b2f8ce16789e3fb28be748a68"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB5D032
access-control-allow-headers
Content-Type
content-length
49164
x-request-id
d4b46aad-48d4-4a22-91b8-cdbad2d34309
expires
Fri, 13 May 2022 20:30:10 GMT
278339278_492259979294698_6566937095562394322_n.jpg
s2.glbimg.com/LLJUdgF1l2yvofOgv0ooFEyXjOY=/190x155/smart/e.glbimg.com/og/ed/f/original/2022/04/13/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/LLJUdgF1l2yvofOgv0ooFEyXjOY=/190x155/smart/e.glbimg.com/og/ed/f/original/2022/04/13/278339278_492259979294698_6566937095562394322_n.jpg
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
3bcaf1f1a28f86d7cb894d9315a6676fc0e09b5c6968b500a238fac032669146

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
via
2.0 CachOS
x-bip
168354825 ra11 03 08
age
31767
etag
"94c15e4167b1ea994b2ee5434d5e9ad38ff33700"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB5D032
access-control-allow-headers
Content-Type
content-length
3400
x-request-id
23cdbdaf-f6a4-4b1d-8a0e-772b76ebc87d
expires
Fri, 13 May 2022 17:00:25 GMT
novo_projeto.jpg
s2.glbimg.com/KEIGqNVt5VXeUn27W25Xqb50gOA=/190x155/smart/e.glbimg.com/og/ed/f/original/2022/03/15/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/KEIGqNVt5VXeUn27W25Xqb50gOA=/190x155/smart/e.glbimg.com/og/ed/f/original/2022/03/15/novo_projeto.jpg
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
d318d1bd936490b1616889e835589397b9a11a445bbac62adf68eb56c084319d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
via
2.0 CachOS
x-bip
171945706 ra11 03 08
age
31582
etag
"7fec57a2565d3d0b161cbd07ceff738cbd74f372"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB5D032
access-control-allow-headers
Content-Type
content-length
6870
x-request-id
bbbab895-452f-460b-a49b-6ae3f489ad39
expires
Fri, 13 May 2022 17:00:26 GMT
paolla.jpg
s2.glbimg.com/WQteou1PVsWErlWKb4sMyLMqIQQ=/190x155/smart/e.glbimg.com/og/ed/f/original/2022/04/13/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2.glbimg.com/WQteou1PVsWErlWKb4sMyLMqIQQ=/190x155/smart/e.glbimg.com/og/ed/f/original/2022/04/13/paolla.jpg
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.91.9 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-91-9.prt.globo.com
Software
/
Resource Hash
fe876b8d99181a67a590b93f8fd6f4c89fc33f2938c004644dd9f80f8afdf777

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
via
2.0 CachOS
x-bip
173443685 ra11 03 08
age
19431
etag
"044edd68f3becd59b6956dd82410748473a3d84c"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000,public
accept-ranges
bytes
x-thanos
0AB5D032
access-control-allow-headers
Content-Type
content-length
5628
x-request-id
46212c78-8fe9-4d2b-8916-2bec9f81d96d
expires
Fri, 13 May 2022 20:24:07 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://revistaquem.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://revistaquem.globo.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 14 Apr 2022 01:51:24 GMT
server
ATS/9.1.0.33
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://revistaquem.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://revistaquem.globo.com
access-control-max-age
600
age
0
content-length
0
date
Thu, 14 Apr 2022 01:51:24 GMT
server
ATS/9.1.0.33
prebid
ib.adnxs.com/ut/v3/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_quem.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8dc6ba2cebad8548d43d8c99220b39cad49eab5ee145a7177a03fe94403d1e85
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 14 Apr 2022 01:51:24 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b501e0db-f065-4db2-9a9d-14b91cc090c6
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
s.seedtag.com/c/hb/ 		27 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_quem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1be45c7a0fdf34b220113cd7d2f3ba2d19e81502792c1ab77da76adc36c30036

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
etag
W/"1b-EHEP6f3HeX2j76oqC2hiwEiULGo"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://revistaquem.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
cdb
bidder.criteo.com/ 		18 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.11.0&cb=60854131093
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_quem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://revistaquem.globo.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
fastlane.json
fastlane.rubiconproject.com/a/api/ 		398 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=266878&zone_id=1321906&size_id=2&alt_size_ids=55%2C57&eid_pubcid.org=2730c50e-ce61-4ce6-b4b3-94290a0fbd41%5E1&rf=https%3A%2F%2Frevistaquem.globo.com%2F&tg_i.page_name=home&tg_i.platform=desktop&tg_i.aupname=%2F85042905.*%26pub-fullbanner.*%26position%3Datf&tg_i.pbadslot=%2F85042905%2Fedquem%2Fhome&tk_flint=dmpbjs_v6.11.0&x_source.tid=e4f7252b-69dc-4041-a56f-e65231c72db9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7147558465545512
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_quem.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b519b32eb18af1a54e9612663d02e74a431fa932f3dbbf319bb2f89a08061c51

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:24 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
398
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_quem.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
387604d1299018274fcca30e5c92bb1018d4bbf3cd8d7e7ce0ed5b21ae04a754

Request headers

Referer
https://revistaquem.globo.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://revistaquem.globo.com
access-control-allow-credentials
true
content-length
66
v1
prg.smartadserver.com/prebid/ 		171 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_quem.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
fastlane.json
fastlane.rubiconproject.com/a/api/ 		398 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15688&site_id=266878&zone_id=1321906&size_id=2&alt_size_ids=55%2C57&eid_pubcid.org=2730c50e-ce61-4ce6-b4b3-94290a0fbd41%5E1&rf=https%3A%2F%2Frevistaquem.globo.com%2F&tg_i.page_name=home&tg_i.platform=desktop&tg_i.aupname=%2F85042905.*%26pub-fullbanner.*%26position%3Datf&tg_i.pbadslot=%2F85042905%2Fedquem%2Fhome&tk_flint=dmpbjs_v6.11.0&x_source.tid=74c000c9-5697-4bf8-92a2-225894af17f2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8687341832231268
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_quem.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e00bf6f20c1f17513422e1d52318b50e79f788bb03cc2ead97c8c711ae6962e2

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:24 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
398
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_quem.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
7e408fd0afde9552f1a3f0007039be7b154879b8753358372414cdd05c4486f3

Request headers

Referer
https://revistaquem.globo.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://revistaquem.globo.com
access-control-allow-credentials
true
content-length
66
cdb
bidder.criteo.com/ 		18 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.11.0&cb=43464899554
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_quem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://revistaquem.globo.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
bid
s.seedtag.com/c/hb/ 		27 B
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_quem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.182.124 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
124.182.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1be45c7a0fdf34b220113cd7d2f3ba2d19e81502792c1ab77da76adc36c30036

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
etag
W/"1b-EHEP6f3HeX2j76oqC2hiwEiULGo"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://revistaquem.globo.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
v1
prg.smartadserver.com/prebid/ 		171 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_quem.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
br
vary
Accept-Encoding, Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache,no-store
transfer-encoding
chunked
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
prebid
ib.adnxs.com/ut/v3/ 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_quem.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
678e3374b4ba55e6f4d1b0407fcef2038429abb1e9ef3afdcad9185a1b6e42af
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 14 Apr 2022 01:51:24 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
309d08ad-47a3-4167-8068-31783a7d579a
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 01C9 		805 B
841 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1992443
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
525
content-type
text/html
date
Thu, 14 Apr 2022 01:51:24 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
expires
Fri, 19 Feb 2027 17:50:50 GMT
last-modified
Tue, 21 Feb 2017 17:50:54 GMT
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
954
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
x-served-by
cache-hhn4020-HHN
x-timer
S1649901084.350339,VS0,VE0
view
securepubads.g.doubleclick.net/pcs/ Frame BA0C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuombdSfqDq6Z4SQZEhJ1ZIMdMUqRU9BQUGlrlMQa78d1bCW8uIB_uaCMLmOztfzyNPqQTx2Y4EKCYnqMeXCsECMBtJRLYyBO9Ax3uL9-re87imu7i1_NntoKVgRUcgi8VuniLo3xE4NpxQW_gZBedVuI5M6uLuH9-vkOpvB4yeOyBf_w5wrRqI-2pDgpXQghGxwdk_u7_Fp02Pb6KsqvEy223NX5mDwWCtUCfe9RLlx76Q7o3wHEG-B4TCqJrpQwkeFuqO9e97w3G8B-gAB1UMZzlA_qTKcEcvJRef7m0vUFwHvzknRGx0enWEBTRqjI&sig=Cg0ArKJSzHK3-TqMz-KMEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
revistaquem.globo.com_14988.js
ads.vidoomy.com/ Frame BA0C 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/revistaquem.globo.com_14988.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
324a3a6e9975fe42489699b33997a236eb00c20b3f5404719dca740e12a5123e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:24 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
5412
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BA0C 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36908
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649677559247379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 01:51:24 GMT
get.js
buy.tinypass.com/api/v3/anon/captcha/ 		153 B
412 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=VnaP3rYVKc
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf02dfba3b3b7c0d9361aed031d5c62e9c9786f97096559c3e25ca1f9f5d028
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
Cot3bar3JNS
pragma
wn
prod-dash-10-0-143-236
last-modified
Thu, 14 Apr 2022 01:39:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/javascript
server-time
0.004
cache-control
public, max-age=1200
cf-ray
6fb8cbd1bf643745-MXP
expires
Thu, 14 Apr 2022 02:11:24 GMT
execute
c2.piano.io/xbuilder/experience/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2.piano.io/xbuilder/experience/execute?aid=VnaP3rYVKc
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
defd76ed2c223591f8859a049c948a92467923424c30b43c386ce60dae532740
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
ys9yhv9bq5
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
6fb8cbd20e67f91b-MXP
5007d44e-09d1-49b7-8c99-6b1cc38c3cbc
consumer.krxd.net/consent/get/ 		220 B
259 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b7d8acf20075b97993e5d54624cf85ac868df2398985371d5c8555a45425c418

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a004-dub-prod.krxd.net, cache-hhn4083-HHN
vary
Accept-Encoding
x-cache
MISS, HIT
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1649901084.485845,VS0,VE0
content-length
184
x-cache-hits
0, 1
container.html
f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 57F5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 01:51:24 GMT
expires
Fri, 14 Apr 2023 01:51:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
json
trc.taboola.com/editoraglobo-revistaquem/trc/3/ 		27 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/editoraglobo-revistaquem/trc/3/json?tim=01%3A51%3A26.009&lti=deflated&data=%7B%22id%22%3A982%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3A%2212bd2ec2-7571-46a2-9c06-a8286215fc2b-tuct951039b%22%2C%22uifp%22%3Anull%2C%22lbt%22%3A1649841516484%2C%22vi%22%3A1649901086007%2C%22cv%22%3A%2220220413-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frevistaquem.globo.com%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Frevistaquem.globo.com%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22e%22%3A%22https%3A%2F%2Frevistaquem.globo.com%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6039%2C%22nsid%22%3A%22editoraglobonetwork%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-b%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Homepage%20Thumbnails%22%2C%22cd%22%3A4868.53125%2C%22mw%22%3A1264%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbs-hero-02%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Page%22%2C%22orig_uip%22%3A%22Below%20Page%22%2C%22cd%22%3A5232.53125%2C%22mw%22%3A0%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CBelow%20Homepage%20Thumbnails%3Dthumbnails-b%3Apub%3Deditoraglobonetwork%3Aabp%3D0%2C%2CBelow%20Page%3Dthumbs-hero-02%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220413-5-RELEASE.es5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
175d0173d6b4b4a5fec4a2983180997013cade6453b7f860a154a6164f860bfa

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
284
date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
server
nginx
x-timer
S1649901085.514692,VS0,VE284
x-served-by
cache-hhn4039-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://revistaquem.globo.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
J2lZajxx.js
cdn.krxd.net/controltag/ Frame 01C9 		107 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/J2lZajxx.js
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1c4d3b42ea49082ad71d280333662e2230c0fbc7fa53cec90e3d99d9a35d359d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Thu, 14 Apr 2022 01:51:24 GMT
via
1.1 varnish, 1.1 varnish
age
576
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
22731
x-served-by
config-service-a001-ash-prod.krxd.net, cache-iad-kjyo7100167-IAD, cache-hhn4020-HHN
x-response-time
2
x-do-esi
esi
x-timer
S1649901085.523115,VS0,VE0
etag
"b1b6d4505c91e03d87bbe23ab4a106cbe18cf575"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 4
editora
horizon-track.globo.com/event/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://horizon-track.globo.com/event/editora
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryG2zeekB3wDazU9uV

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame AC7B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCKe6JQxOuKZciPA0zOiDtRmHu2riOa6uI0YkebrJlV6ZxrRuc_rHNw5aB_rEGxW1OA5USBnRxJ3UfQjGNHM6Dk8eE2hNXurwREPyJg8fvc-cQcbGOtuEd7RXTzY0KbFPUz92GM9ahfSqMwHl2SluOy9qiFJLcaYQEDftTM75xKhZrb0JND7OupWcI0C9PVSWf4p6omMnHp8QUl6DN4ja1MrAW17BAw6LLl6Z9BzhXV1x-mJCaIt2KzCzk72CF4tZF6T0dYtdJJE-k5E5pmgpnbwK30zHOJnb5uG5hRAs80SwdfWRgdF-tPUqSkO9P-54&sig=Cg0ArKJSzEWsgnjv7_idEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame AC7B 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
d74a55b377ca53a908794827239b1cb3e64faf76d291b95d08513e7ca6fcac99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28338
x-xss-protection
0
server
sffe
etag
"1186 / 717 of 1000 / last-modified: 1649887574"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Apr 2022 01:51:24 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157163/4986/ Frame AC7B 		420 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0159d6021d92cfda40a8c932f6d3fc397b8a226d2b5fcd2ef6941deda07731f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
last-modified
Thu, 10 Mar 2022 02:25:40 GMT
server
Apache/2.2.15 (CentOS)
etag
"16a147a-68e80-5d9d3ee257e7b"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=111260
accept-ranges
bytes
content-type
text/javascript
content-length
127978
expires
Fri, 15 Apr 2022 08:45:44 GMT
owHCMR.js
s3.amazonaws.com/script-tags/ Frame AC7B 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/script-tags/owHCMR.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.161.120 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3045f287ed31e2a3bff8a8b6fa4e1575743cae0d2febd6270eaf7011d6c917db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:25 GMT
Last-Modified
Tue, 22 Feb 2022 21:49:42 GMT
Server
AmazonS3
x-amz-request-id
W87HD2HXHA6RNKHA
ETag
"b7fc2ea65d2d03573f36101d7316ada7"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
12596
x-amz-id-2
378BXlDLmENdMZeZEHoPCag6h+7zYj3hRZzcfIxMBHnw5UjodNDALjifmWidzlUUW4kRrtdqByk=
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AC7B 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36908
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649677559247379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 01:51:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 37CB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfclnmO4Pj9N0ZAbVvUvXBoMCtpCPnAHvO4soIA2dJ0G8KmYm_pzmNj94-nUeYuXE0vmaSB3_u2BomHreemug3fKLLj3e_s3M0gF-Y9AeejT22X2cpnSKlsAo5rLrbUOb3aiM7WkwR-yTTIHDN2ep6yrXVEevnc1G4pHHmHUtATKmkseSjEQc-jciv7eFYySrFLHUBVpbNmMdq4KtIsVJgtcvxLOMi64ZwI0byiFTSr1ZQAXgO4xScum8JOIliGmXGwJML6fPfdfTRC1zjLo3zvH7vFF_Vq0SeG0Uz1VrLw6TLA5SjSiqO7Wd8B3irC64&sig=Cg0ArKJSzN55mvKpSl2aEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 37CB 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
051a9bf0266156c8d39a139fb96260f0ab01c1b21d07715e15266a663f814899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28591
x-xss-protection
0
server
sffe
etag
"1186 / 461 of 1000 / last-modified: 1649887699"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Apr 2022 01:51:24 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157163/4986/ Frame 37CB 		420 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0159d6021d92cfda40a8c932f6d3fc397b8a226d2b5fcd2ef6941deda07731f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
last-modified
Thu, 10 Mar 2022 02:25:40 GMT
server
Apache/2.2.15 (CentOS)
etag
"16a147a-68e80-5d9d3ee257e7b"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=111260
accept-ranges
bytes
content-type
text/javascript
content-length
127978
expires
Fri, 15 Apr 2022 08:45:44 GMT
owHCMR.js
s3.amazonaws.com/script-tags/ Frame 37CB 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/script-tags/owHCMR.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.161.120 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3045f287ed31e2a3bff8a8b6fa4e1575743cae0d2febd6270eaf7011d6c917db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:25 GMT
Last-Modified
Tue, 22 Feb 2022 21:49:42 GMT
Server
AmazonS3
x-amz-request-id
W87SDTH6QP5SYC5S
ETag
"b7fc2ea65d2d03573f36101d7316ada7"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
12596
x-amz-id-2
j+qakGhnKsFlYbNYnPHiYfU+x/D0zQyvUSFPSzLD0Ybkca+VY727yc0cnai7sU8FpSryN+7jsOk=
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 37CB 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36908
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649677559247379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 01:51:24 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3449 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmV6bgtj-8s75GtznF2S8WEHwvKsCQgzmW2q0mFvrEl1VvQs_A2-0EH1KmVMECe2Ycx4_f2MyMv-3h5FhYJlSBf02xOfTiB98h05__FNX5FjQEdSqrYchPZ5qTLRkSSr9XuYNlVtVWtt-MWKe-mIXkBqqisvZjJOyYv94WyutXeHS2cH1gNXvJNui9cnE4Bvrrn9Lz7Gudt5FlbAZMlUSNtrlZCGF4y0b3lJoiXEGALi9BQGLOtLvcqfnl6vVv9Jr8pv3laa6BOLdjRbofwDvTOwxOrf1mm74RR5DNP8Xx4iyXKwCoUYWmMsv21WvhgrM&sig=Cg0ArKJSzHtzhXpVh1VhEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3449 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
051a9bf0266156c8d39a139fb96260f0ab01c1b21d07715e15266a663f814899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28591
x-xss-protection
0
server
sffe
etag
"1186 / 309 of 1000 / last-modified: 1649887699"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Apr 2022 01:51:24 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157163/4986/ Frame 3449 		420 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0159d6021d92cfda40a8c932f6d3fc397b8a226d2b5fcd2ef6941deda07731f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
last-modified
Thu, 10 Mar 2022 02:25:40 GMT
server
Apache/2.2.15 (CentOS)
etag
"16a147a-68e80-5d9d3ee257e7b"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=111260
accept-ranges
bytes
content-type
text/javascript
content-length
127978
expires
Fri, 15 Apr 2022 08:45:44 GMT
owHCMR.js
s3.amazonaws.com/script-tags/ Frame 3449 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/script-tags/owHCMR.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.161.120 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3045f287ed31e2a3bff8a8b6fa4e1575743cae0d2febd6270eaf7011d6c917db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:25 GMT
Last-Modified
Tue, 22 Feb 2022 21:49:42 GMT
Server
AmazonS3
x-amz-request-id
W87RGQE3P9JAQ358
ETag
"b7fc2ea65d2d03573f36101d7316ada7"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
12596
x-amz-id-2
UYeNkkBJskFAzEvDdUghyujN5YoBmVp0rGKUZT5qazCyQoYpH/HgPQRE0L3mwGgM4tb8XC4oPJk=
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3449 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36908
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649677559247379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 01:51:24 GMT
truncated
/ Frame BA0C 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa65bb9bb4291250c31b2a721a8190c16bd6d23fe1d717badfbca023f7718308

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=revistaquem.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=revistaquem.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1762467406505537&correlator=4271847695029237&eid=31067075%2C31062931&output=ldjh&gdfp_req=1&vrg=2022040701&ptt=17&impl=fif&iu_parts=85042905%2Cedquem%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90%7C970x250%7C970x150%7C1190x250&ifi=6&adks=4149626038&sfv=1-0-38&ecs=20220414&fsapi=false&prev_scp=Editora.pos%3DTop%26keywords%3Dcelebridade%2520da%2520semana%252C%2520famoso%2520da%2520semana%252C%2520celebridades%2520QUEM%252C%2520famosos%2520QUEM%252C%2520festa%2520das%2520celebridades%252C%2520novo%2520visual%2520das%2520celebridades%252C%2520novo%2520visual%2520dos%2520famosos%252C%2520entrevistas%252C%2520vida%2520dos%2520famosos%26Editora.random%3D1%26refresh%3Dtrue%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.47%26hb_adid_appnexus%3D26bb16702b8f401%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.47%26hb_adid%3D26bb16702b8f401%26hb_bidder%3Dappnexus&eri=1&cust_params=editora.url%3D%26keywords%3Dcelebridade%2520da%2520semana%252C%2520famoso%2520da%2520semana%252C%2520celebridades%2520QUEM%252C%2520famosos%2520QUEM%252C%2520festa%2520das%2520celebridades%252C%2520novo%2520visual%2520das%2520celebridades%252C%2520novo%2520visual%2520dos%2520famosos%252C%2520entrevistas%252C%2520vida%2520dos%2520famosos%26ognCluster%3D%26kuid%3D%26nvg_gender%3D%26nvg_age%3D%26nvg_educat%3D%26nvg_marita%3D%26nvg_income%3D%26nvg_connec%3D%26nvg_city%3D%26nvg_region%3D%26nvg_countr%3D%26nvg_everyo%3D%26nvg_custom%3D%26nvg_brand%3D%26nvg_intere%3D%26nvg_produc%3D%26nvg_career%3D%26nvg_everyb%3D%26nvg_pgende%3D%26nvg_page%3D%26nvg_peduca%3D%26nvg_pmarit%3D%26nvg_pincom%3D%26nvg_lookal%3D&sc=1&cookie=ID%3Dccf5a7e86be6a5c5%3AT%3D1649901084%3AS%3DALNI_MbDibqhOu1gtgLEcbsoKSnqy7wTdQ&abxe=1&dt=1649901086151&lmt=1649901086&dlt=1649901083227&idt=1724&biw=1600&bih=1200&adxs=315&adys=179&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Frevistaquem.globo.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x122&msz=970x0&fws=4&ohw=1600&psts=AGkb-H_IdS8xs_Ow7AR75haMYQEr0epQygHefgRZOhol3ouC7X3ZD4GG254I31_OBkdkJsIU2a_cPYNuA-3CT_QCvwA0Pw%2CAGkb-H8fjhafSeQCo0da2wIoAf-FOQe8Imn9TjasEfidjEujI-ZzXJJczpmWiOSl38JBx6JxlsNfwVYaxYEXbZ4cC7J5Zg%2CAGkb-H_s0byRr5Hk5u4J9wzeEcEKKY_a8lI2_-ACODyC9YFnZQElgMBpxId8wypDfmbwNXysXI2QvriX3IFGIYPBcmweNg%2CAGkb-H8a6ogpt03nJ5l0_3LFqh0p7ohIEhj5EW9mRc3G74FynltmBPSpriuCnW6dnfbkrN3s3M8lH__yGwNCe8tDgyMtWQ%2CAGkb-H-Srbgr5vadvRgA02K16_7C8Mz1YU3GGbIRccOn8dCVZmAQWCstAOvXFxnQ3eFpaOzEOrNT_R5iawVIrMFqYWh8Uw&ga_vid=416071499.1649901085&ga_sid=1649901086&ga_hid=590669618&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
00d39ce1016d7dcbd3a871300df2e84480e0a86fd9c850d24f82bd13c3b35fd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8838
x-xss-protection
0
google-lineitem-id
5961171112
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138387729342
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=271593406740706&ev=Microdata&dl=https%3A%2F%2Frevistaquem.globo.com%2F&rl=&if=false&ts=1649901086178&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20QUEM%20-%20Fotos%2C%20not%C3%ADcias%2C%20comportamento%20e%20flagras%20dos%20famosos%20e%20celebridades%22%2C%22meta%3Adescription%22%3A%22Confira%20not%C3%ADcias%20sobre%20os%20famosos%20e%20celebridades%20do%20Brasil%20e%20do%20mundo.%20Veja%20fotos%20e%20flagra%20dos%20eventos%20mais%20badalados%20e%20tudo%20o%20que%20voc%C3%AA%20sempre%20quis%20saber%20dos%20artistas%20aqui%20na%20QUEM%22%2C%22meta%3Akeywords%22%3A%22celebridade%20da%20semana%2C%20famoso%20da%20semana%2C%20celebridades%20QUEM%2C%20famosos%20QUEM%2C%20festa%20das%20celebridades%2C%20novo%20visual%20das%20celebridades%2C%20novo%20visual%20dos%20famosos%2C%20entrevistas%2C%20vida%20dos%20famosos%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fs3.glbimg.com%2Fv1%2FAUTH_6fe2c04fd96b44a3802fd18cbc408596%2Fassets%2Fthemes%2Frevistaquem%2Fmedia%2Fog-image-quem_8fda4aabb9.png%22%2C%22og%3Adescription%22%3A%22Confira%20not%C3%ADcias%20sobre%20os%20famosos%20e%20celebridades%20do%20Brasil%20e%20do%20mundo.%20Veja%20fotos%20e%20flagra%20dos%20eventos%20mais%20badalados%20e%20tudo%20o%20que%20voc%C3%AA%20sempre%20quis%20saber%20dos%20artistas%20aqui%20na%20QUEM%22%2C%22og%3Atitle%22%3A%22%20QUEM%20-%20Fotos%2C%20not%C3%ADcias%2C%20comportamento%20e%20flagras%20dos%20famosos%20e%20celebridades%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1649901084815.1599294466&it=1649901084676&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 14 Apr 2022 01:51:24 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 57F5 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
URL: https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 08:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236304
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 11 Apr 2023 08:13:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 57F5 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
URL: https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36908
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649677559247379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 01:51:24 GMT
controltag.js.f5d7048d3841bccb4f5d92333c20b066
cdn.krxd.net/ctjs/ Frame 01C9 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/J2lZajxx.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c22fbbe4bf63288095e3c83d2858a1f4b65b1acdc77ac28785824b184953f0d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
age
780036
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
2316
content-length
84741
x-served-by
cache-hhn4020-HHN
last-modified
Fri, 01 Apr 2022 11:47:20 GMT
x-timer
S1649901085.681200,VS0,VE0
etag
"f5d7048d3841bccb4f5d92333c20b066"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Mon, 29 Mar 2032 11:47:19 GMT
pubads_impl_2022040701.js
securepubads.g.doubleclick.net/gpt/ Frame AC7B 		368 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
4eba10304f45a9ca7d6b3b882e564a5dd00d3900dc515fbe6137765ed0fb45a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 19:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23194
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127673
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 08:34:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 13 Apr 2023 19:24:50 GMT
pubads_impl_2022041201.js
securepubads.g.doubleclick.net/gpt/ Frame 37CB 		369 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 22:34:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11834
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127945
x-xss-protection
0
last-modified
Tue, 12 Apr 2022 08:36:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 13 Apr 2023 22:34:10 GMT
pubads_impl_2022041201.js
securepubads.g.doubleclick.net/gpt/ Frame 3449 		369 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 22:34:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11834
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127945
x-xss-protection
0
last-modified
Tue, 12 Apr 2022 08:36:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 13 Apr 2023 22:34:10 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1762467406505537&correlator=192806514205297&eid=31067075%2C31062931&output=ldjh&gdfp_req=1&vrg=2022040701&ptt=17&impl=fif&iu_parts=85042905%2Cedquem%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90%7C970x250%7C970x150%7C1190x250&ifi=7&adks=956500058&sfv=1-0-38&ecs=20220414&fsapi=false&prev_scp=Editora.pos%3DMiddle%26keywords%3Dcelebridade%2520da%2520semana%252C%2520famoso%2520da%2520semana%252C%2520celebridades%2520QUEM%252C%2520famosos%2520QUEM%252C%2520festa%2520das%2520celebridades%252C%2520novo%2520visual%2520das%2520celebridades%252C%2520novo%2520visual%2520dos%2520famosos%252C%2520entrevistas%252C%2520vida%2520dos%2520famosos%26Editora.random%3D5%26refresh%3Dtrue%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.01%26hb_adid_appnexus%3D2537badb3bbe039%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D2537badb3bbe039%26hb_bidder%3Dappnexus&eri=1&cust_params=editora.url%3D%26keywords%3Dcelebridade%2520da%2520semana%252C%2520famoso%2520da%2520semana%252C%2520celebridades%2520QUEM%252C%2520famosos%2520QUEM%252C%2520festa%2520das%2520celebridades%252C%2520novo%2520visual%2520das%2520celebridades%252C%2520novo%2520visual%2520dos%2520famosos%252C%2520entrevistas%252C%2520vida%2520dos%2520famosos%26ognCluster%3D%26kuid%3D%26nvg_gender%3D%26nvg_age%3D%26nvg_educat%3D%26nvg_marita%3D%26nvg_income%3D%26nvg_connec%3D%26nvg_city%3D%26nvg_region%3D%26nvg_countr%3D%26nvg_everyo%3D%26nvg_custom%3D%26nvg_brand%3D%26nvg_intere%3D%26nvg_produc%3D%26nvg_career%3D%26nvg_everyb%3D%26nvg_pgende%3D%26nvg_page%3D%26nvg_peduca%3D%26nvg_pmarit%3D%26nvg_pincom%3D%26nvg_lookal%3D&sc=1&cookie=ID%3Dccf5a7e86be6a5c5%3AT%3D1649901084%3AS%3DALNI_MbDibqhOu1gtgLEcbsoKSnqy7wTdQ&abxe=1&dt=1649901086217&lmt=1649901086&dlt=1649901083227&idt=1724&biw=1600&bih=1200&adxs=315&adys=1058&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Frevistaquem.globo.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x32&msz=970x0&fws=4&ohw=1600&psts=AGkb-H_IdS8xs_Ow7AR75haMYQEr0epQygHefgRZOhol3ouC7X3ZD4GG254I31_OBkdkJsIU2a_cPYNuA-3CT_QCvwA0Pw%2CAGkb-H8fjhafSeQCo0da2wIoAf-FOQe8Imn9TjasEfidjEujI-ZzXJJczpmWiOSl38JBx6JxlsNfwVYaxYEXbZ4cC7J5Zg%2CAGkb-H_s0byRr5Hk5u4J9wzeEcEKKY_a8lI2_-ACODyC9YFnZQElgMBpxId8wypDfmbwNXysXI2QvriX3IFGIYPBcmweNg%2CAGkb-H8a6ogpt03nJ5l0_3LFqh0p7ohIEhj5EW9mRc3G74FynltmBPSpriuCnW6dnfbkrN3s3M8lH__yGwNCe8tDgyMtWQ%2CAGkb-H-Srbgr5vadvRgA02K16_7C8Mz1YU3GGbIRccOn8dCVZmAQWCstAOvXFxnQ3eFpaOzEOrNT_R5iawVIrMFqYWh8Uw&ga_vid=416071499.1649901085&ga_sid=1649901086&ga_hid=590669618&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
9d5afdcc216ad4bf5d9eec1c238657a06480485f3faec8d1e2e6bc038c162a7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8973
x-xss-protection
0
google-lineitem-id
5961171112
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138387729342
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
5007d44e-09d1-49b7-8c99-6b1cc38c3cbc
consumer.krxd.net/consent/get/ Frame 01C9 		220 B
251 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b7d8acf20075b97993e5d54624cf85ac868df2398985371d5c8555a45425c418

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
via
1.1 varnish
age
1
x-served-by
consumer-a004-dub-prod.krxd.net, cache-hhn4083-HHN
vary
Accept-Encoding
x-cache
MISS, HIT
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1649901085.771916,VS0,VE0
content-length
184
x-cache-hits
0, 2
view
securepubads.g.doubleclick.net/pcs/ Frame 57F5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssI3gNvobiTu2p9g2oCrVdBpKNbas-3LUYbH-IiijFPASa1E1ZpbTc1R3sZeVHH00r8itBNzdr8UxSGbyjhMUwguop9B-Zli6MEnWMJqQo6W2BmqlXi60GO8nqn5pL6h9AoI0YEmmjNuEOgFZt4c8e6hjwbfzu36HVFsicKcQsJG2kv7kOHkCUdUwewYidQ5ud2cemgemZmZDjqFvDw7Llc1zjjaFVA-yY4GawSF1TRbs08k0sIZ6eJfUlX9UaqcKQW0xf5eM87Kn-IUXdSxrNvICCOOaaoRTs6jRFV8EAh7YTXM8-5qA_sc8x8AHt91JQ&sig=Cg0ArKJSzDeYD1JOylB0EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
URL: https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
13451468434393670847
tpc.googlesyndication.com/simgad/ Frame 57F5 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13451468434393670847?
Requested by
Host: f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
URL: https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14169cc068daecf33e22739b7f0b52b4cd35d883b48615e5ab7b7ca0e9edf4a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 06:21:04 GMT
x-content-type-options
nosniff
age
156620
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7536
x-xss-protection
0
last-modified
Wed, 23 Mar 2022 14:38:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 12 Apr 2023 06:21:04 GMT
formats.js
ad.lkqd.net/vpaid/ Frame B799 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1649901084.cds288.lo4.hn,1649901084.cds030.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame F3A5 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1649901084.cds288.lo4.hn,1649901084.cds030.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
auto-user-sync
ads.stickyadstv.com/ 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:24 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1649901084222072-588
Expires
Thu, 14 Apr 2022 01:51:24 GMT
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=991735043.23243961384580477.30035985
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=991735043.23243961384580477.30035985
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3Dae2436b0-25be-4e8b-b9da-ccf85b963cc...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=18576257-7e1d-4600-b186-4b87cea796dd&expires=30&ssp=vidoomy&bsw_param=ae2436b0-25be-4e8b-b9da-ccf85b963cc3&gdpr=&gdpr_consent=
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=ae2436b0-25be-4e8b-b9da-ccf85b963cc3
43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=ae2436b0-25be-4e8b-b9da-ccf85b963cc3
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
52.29.63.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-63-16.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
none
server
fasthttp
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

Location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=ae2436b0-25be-4e8b-b9da-ccf85b963cc3
Date
Thu, 14 Apr 2022 01:51:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58610/occ
  • https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-HkQM96pE2uEb2CP2v2EBLNVoQRONXBw1X8QuSWY-~A
43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-HkQM96pE2uEb2CP2v2EBLNVoQRONXBw1X8QuSWY-~A
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
52.29.63.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-63-16.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
none
server
fasthttp
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

location
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-HkQM96pE2uEb2CP2v2EBLNVoQRONXBw1X8QuSWY-~A
date
Thu, 14 Apr 2022 01:51:24 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
8314438e-1240-4037-ade5-bfeaed299a90.css
cdn.taboola.com/static/83/ 		451 B
497 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/static/83/8314438e-1240-4037-ade5-bfeaed299a90.css
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
CkT0watBV7AEsiEughRkYLexggZw11Ym
content-encoding
gzip
etag
"1802e318f880ad7e5c7030e9da649cf6"
age
23643
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
222
x-amz-id-2
XwGL5A/opchKahlQi9+LJ85pMvvAW6iT8Pxh8E4Wm/0OGIVnNZwnPZN6FOz0yc5d1RmB9OrZs+w=
x-served-by
cache-hhn4039-HHN
last-modified
Tue, 07 Jul 2020 17:40:49 GMT
server
AmazonS3
x-timer
S1649901085.914328,VS0,VE0
date
Thu, 14 Apr 2022 01:51:24 GMT
vary
Accept-Encoding
x-amz-request-id
PF34D4MW3D0XEBM8
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
text/css
abp
62
x-cache-hits
3
tb
15.taboola.com/ 		33 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=editoraglobo-revistaquem&unitType=226&tbloc=&pageType=home&pstn=Below%20Homepage%20Thumbnails&uuip=&cisrf=https%3A%2F%2Frevistaquem.globo.com%2F&cirf=https%3A%2F%2Frevistaquem.globo.com%2F&encoded=1&uid=12bd2ec2-7571-46a2-9c06-a8286215fc2b-tuct951039b&variant=0|1786072171&callback=TRC.videoTagCallbacks.videoCallback1&cb=1649901086441&tagid=&cntry=DE&platform=1&sesid=7fc30cda47f4bab65c0a8b6bc42879c9&itemid=/&viewid=1649901086007&geolat=&geoing=&deviceifa=&appid=&sd=v2_7fc30cda47f4bab65c0a8b6bc42879c9_12bd2ec2-7571-46a2-9c06-a8286215fc2b-tuct951039b_1649901084_1649901084_CIi3jgYQk_9JGLfKkq6CMCABKAQwODib4wlAhooQSMa02QNQp-wQWABgAGiD2JXN5_L01rUBcAA&ri=5821657da7f90219b7c0475234034be1&appname=&cdb=&gdprApplies=true&rid=&sii=-6411243343764226054&oee=true&tpubid=1212307&uis=4&fagg=1&ccpaDns=false&ccpaPrivacy=&region=MV&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1207970&prcnt=&layer=&normp=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220413-5-RELEASE.es5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
232f1e41e0421fc51b74d17a6982e940674ec4a5af6269e8a19497ae73c1bc23

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
access-control-allow-origin
https://revistaquem.globo.com
machineid
1482
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-hhn4039-HHN
pragma
no-cache
server
nginx
x-timer
S1649901085.940464,VS0,VE15
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
userx.20220413-5-RELEASE.es5.js
cdn.taboola.com/libtrc/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220413-5-RELEASE.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56146c12df1bb77b28379a2c698dadac07bfeccfcb12315e619142ff882aa969

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
oIiLH8TDNP.LxY.hOlIb2KSmPN0gUnWq
content-encoding
gzip
etag
"991c5805e5b3d2a577730da9a7f9c058"
age
84
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5730
x-amz-id-2
3s6lZWqR0gWjATk9NWcL15OherJdqybMIOPyFyBTFVB5jz4sxBu1Rk1h5cu+NLgDvcH/AhsrgrA=
x-served-by
cache-hhn4039-HHN
last-modified
Wed, 13 Apr 2022 09:14:59 GMT
server
AmazonS3
x-timer
S1649901085.940537,VS0,VE0
date
Thu, 14 Apr 2022 01:51:24 GMT
vary
Accept-Encoding
x-amz-request-id
K0GD01F4J4GEMTWC
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
62
x-cache-hits
3
distance-from-article.20220413-5-RELEASE.es5.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20220413-5-RELEASE.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38821c94fe158d4a49849a3a55be31ed279f7d5f53cf75ef98abdcf792459e8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
A_KDU0USLfBHSMJx4HkdSPTmnCN5G9ij
content-encoding
gzip
etag
"606f7c783422806bd2c1f090f2b3fb87"
age
95
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1010
x-amz-id-2
3nFkS0Vmy2P0/Nq3RSaSrV2RGBnY2ShbXt+l4Uad3zx3uw6k+y/OTlb0tTxCTBB6rk0Y/8QYjlk=
x-served-by
cache-hhn4039-HHN
last-modified
Wed, 13 Apr 2022 09:18:07 GMT
server
AmazonS3
x-timer
S1649901085.940716,VS0,VE0
date
Thu, 14 Apr 2022 01:51:24 GMT
vary
Accept-Encoding
x-amz-request-id
AND9ZT550HTFWA2K
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
62
x-cache-hits
4
article-detection.20220413-5-RELEASE.es5.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20220413-5-RELEASE.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb75c28b22a69d57f12f8a18abd64dc330c80910f9934bc6dcc3bb020e235a12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
N9IMuW_2lsxFJS229Cbzv_EsdmmBytfw
content-encoding
gzip
etag
"4ac40cf3f5ce0b6b5273b9a6c2501ab6"
age
46
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1247
x-amz-id-2
rNHbSjbip2/hK8vPoQsJKWii7HuAmCWXTDqYcNakFLqGEq1O6ztxGDnG+w+47jjipjZSdAT1yv4=
x-served-by
cache-hhn4039-HHN
last-modified
Wed, 13 Apr 2022 09:18:28 GMT
server
AmazonS3
x-timer
S1649901085.940986,VS0,VE0
date
Thu, 14 Apr 2022 01:51:24 GMT
vary
Accept-Encoding
x-amz-request-id
4HWW9TK6ZX44QZ3X
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
62
x-cache-hits
4
tb
15.taboola.com/ 		40 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=editoraglobo-revistaquem&unitType=244&tbloc=&pageType=home&pstn=Below%20Page&uuip=Feed%20-%20Below%20Page&cisrf=https%3A%2F%2Frevistaquem.globo.com%2F&cirf=https%3A%2F%2Frevistaquem.globo.com%2F&encoded=1&uid=12bd2ec2-7571-46a2-9c06-a8286215fc2b-tuct951039b&variant=0|1786072171&callback=TRC.videoTagCallbacks.videoCallback2&cb=1649901086445&tagid=&cntry=DE&platform=1&sesid=7fc30cda47f4bab65c0a8b6bc42879c9&itemid=/&viewid=1649901086007&geolat=&geoing=&deviceifa=&appid=&sd=v2_7fc30cda47f4bab65c0a8b6bc42879c9_12bd2ec2-7571-46a2-9c06-a8286215fc2b-tuct951039b_1649901084_1649901084_CIi3jgYQk_9JGLfKkq6CMCABKAQwODib4wlAhooQSMa02QNQp-wQWABgAGiD2JXN5_L01rUBcAA&ri=a05de373b62ac84a12854a11846f7f35&appname=&cdb=&gdprApplies=true&rid=&sii=-6411243343764226054&oee=true&tpubid=1212307&uis=4&fagg=1&ccpaDns=false&ccpaPrivacy=&region=MV&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1207970&prcnt=&layer=&normp=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220413-5-RELEASE.es5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
288c9161dc86efed9a25473ceea9c6daeaf2c2194241ff9b1f4796976dc6fdc2

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
access-control-allow-origin
https://revistaquem.globo.com
machineid
1451
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-hhn4039-HHN
pragma
no-cache
server
nginx
x-timer
S1649901085.942702,VS0,VE17
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20220413-5-RELEASE.es5.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20220413-5-RELEASE.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8dfb8ca877e68f8f14d256e37fd7c5f0541e6f753e5bb5ee519353af24d49a12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
xLlYTCmsRS2p648yj4RO4FAD8InQSjEG
content-encoding
gzip
etag
"4e2342eaf2985af564b82c10a893108e"
age
116
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1514
x-amz-id-2
3XAreue3WNgFZPfXJydq92W/wp8+r4mxcLPWK43ooCaQZTYdwS214CBwSgQEKJ4u4PgZHJ6s0qQ=
x-served-by
cache-hhn4039-HHN
last-modified
Wed, 13 Apr 2022 09:17:37 GMT
server
AmazonS3
x-timer
S1649901085.944152,VS0,VE0
date
Thu, 14 Apr 2022 01:51:24 GMT
vary
Accept-Encoding
x-amz-request-id
EQ41D2CVJGTF1HPA
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
62
x-cache-hits
7
B27523155.332286467;dc_pre=CNX018C4kvcCFUT4dwodJ4sOFg;dc_trk_aid=524524303;dc_trk_cid=168638645;ord=2022-04-14+01%3A51%3A24;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimpj/N1659021.3744027DISPLAY-TABOOLA/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimpj/N1659021.3744027DISPLAY-TABOOLA/B27523155.332286467;dc_trk_aid=524524303;dc_trk_cid=168638645;ord=2022-04-14+01%3A51%3A24;dc_lat=;dc_rdid=;tag_for_child_dir...
  • https://ad.doubleclick.net/ddm/trackimpj/N1659021.3744027DISPLAY-TABOOLA/B27523155.332286467;dc_pre=CNX018C4kvcCFUT4dwodJ4sOFg;dc_trk_aid=524524303;dc_trk_cid=168638645;ord=2022-04-14+01%3A51%3A24;...
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimpj/N1659021.3744027DISPLAY-TABOOLA/B27523155.332286467;dc_pre=CNX018C4kvcCFUT4dwodJ4sOFg;dc_trk_aid=524524303;dc_trk_cid=168638645;ord=2022-04-14+01%3A51%3A24;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?;dc_ref=revistaquem.globo.com
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10682
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:24 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimpj/N1659021.3744027DISPLAY-TABOOLA/B27523155.332286467;dc_pre=CNX018C4kvcCFUT4dwodJ4sOFg;dc_trk_aid=524524303;dc_trk_cid=168638645;ord=2022-04-14+01%3A51%3A24;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?;dc_ref=revistaquem.globo.com
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
debug
am-trc-events.taboola.com/editoraglobo-revistaquem/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/editoraglobo-revistaquem/log/2/debug?tim=01%3A51%3A26.450&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20thumbs-feed-01&llvl=2&id=4181&cv=20220413-5-RELEASE&lt=deflated&pct=1
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12520
debug
am-trc-events.taboola.com/editoraglobo-revistaquem/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/editoraglobo-revistaquem/log/2/debug?tim=01%3A51%3A26.452&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01&llvl=2&id=1081&cv=20220413-5-RELEASE&lt=deflated&pct=1
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12520
ico-reading_d59f6cf61b.svg
s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/media/ Frame 57F5 		851 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.glbimg.com/v1/AUTH_6fe2c04fd96b44a3802fd18cbc408596/assets/base/media/ico-reading_d59f6cf61b.svg
Requested by
Host: f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
URL: https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
186.192.90.3 Rio de Janeiro, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
186-192-90-3.prt.globo.com
Software
/
Resource Hash
3618d79ad3db136bc1c3daa92384c7219e84feded9304ecdb84fba359dab15f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
x-openstack-request-id
tx95bc3ef80ebf40378e6fe-006246f9ea
last-modified
Wed, 09 Mar 2022 17:39:50 GMT
x-thanos
0AB24042
vary
Accept-Encoding, Origin
content-type
image/svg+xml
x-timestamp
1646847589.61894
cache-control
max-age=31536001, stale-while-revalidate=2, stale-if-error=31535999
x-trans-id
tx95bc3ef80ebf40378e6fe-006246f9ea
x-request-id
391b8153-fc45-4ff4-a33f-580f6e20223b
truncated
/ Frame 57F5 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8ea57e595e5a74b8dfd024976ee0c6ad7592a468866daa71ab9d9344bd1033c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
/
usergate.globo.com/ 		29 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://usergate.globo.com/
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/globo/editora/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
201.7.182.142 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS
Software
nginx /
Resource Hash
c9333c7a7f077cc42b136872a860fb262cd891244b9c726f7934ca7220476639
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://revistaquem.globo.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
User-Agent,Content-Type,Cookie,X-App,GLBID,GST
view
securepubads.g.doubleclick.net/pcs/ Frame BA0C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvy4qz_TOJNaJ_T6lIfv1JV6vqN2K_yM_teeAHRYfAMKmI7Y80_Y7jzkPWkGpyNXhwKrJcaigDaCCOBt68Sfg6OXzzKB1zLuCzoTr5ORjSTpADK9Gw7pCfLowrOgTxa3RmrAlCid9SzUN-_TJobpZSZM9tAAA9HMnXAdTKSucCOU0YYhcRS6iOfjzUsiwWa3zlYo2Z12a_JPl98sqtmN6jxitzyaxTzr-6JiNhkSut6UcosHSCaP2sjmGHIqrX62KlflKICofI7IEG33oRzCcZnotn2g9h3rh6tq6P9WshRC74gKMtilZFaOe5h4QQtoOFKpA&sig=Cg0ArKJSzCSDh_JkKzbfEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 14 Apr 2022 01:51:25 GMT
social
am-trc-events.taboola.com/editoraglobo-revistaquem/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/editoraglobo-revistaquem/log/3/social?route=AM:AM:V&lti=deflated&ri=5821657da7f90219b7c0475234034be1&sd=v2_7fc30cda47f4bab65c0a8b6bc42879c9_12bd2ec2-7571-46a2-9c06-a8286215fc2b-tuct951039b_1649901084_1649901084_CIi3jgYQk_9JGLfKkq6CMCABKAQwODib4wlAhooQSMa02QNQp-wQWABgAGiD2JXN5_L01rUBcAA&ui=12bd2ec2-7571-46a2-9c06-a8286215fc2b-tuct951039b&pi=/&wi=-6411243343764226054&pt=home&vi=1649901086007&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Frevistaquem.globo.com%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22%20QUEM%20-%20Fotos%2C%20not%C3%ADcias%2C%20comportamento%20e%20flagras%20dos%20famosos%20e%20celebridades%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fs3.glbimg.com%2Fv1%2FAUTH_6fe2c04fd96b44a3802fd18cbc408596%2Fassets%2Fthemes%2Frevistaquem%2Fmedia%2Fog-image-quem_8fda4aabb9.png%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=01%3A51%3A26.499&id=8760&llvl=2&cv=20220413-5-RELEASE&
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 14 Apr 2022 01:51:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/3.7.0/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.7.0/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220413-5-RELEASE.es5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b9467aba0de1d1acafd0553282d7da2ba58d3544872ae622d7cf4e992c99374

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
via
1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront), 1.1 varnish
age
652854
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
28857
x-served-by
cache-hhn4039-HHN
last-modified
Wed, 06 Apr 2022 12:29:49 GMT
server
AmazonS3
x-timer
S1649901085.002080,VS0,VE0
etag
"c2b8a68b1b588800747ff3ff1421208f"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
Ujo90RZ_JyNhs3STYr5LJdXfbyf5hSiH5ERWxVxw6Q1qRD0LBotVdQ==
x-cache-hits
33591
container.html
f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7D4D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 01:51:24 GMT
expires
Fri, 14 Apr 2023 01:51:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.19.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-19-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://revistaquem.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 14 Apr 2022 01:51:25 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_quem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.19.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-19-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 14 Apr 2022 01:51:25 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
container.html
f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0D34 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 01:51:24 GMT
expires
Fri, 14 Apr 2023 01:51:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
event
prebid-a.rubiconproject.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.19.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-19-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://revistaquem.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Thu, 14 Apr 2022 01:51:25 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event
prebid-a.rubiconproject.com/ 		61 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_quem.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.19.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-19-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 14 Apr 2022 01:51:25 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
apstag.js
c.amazon-adsystem.com/aax2/ Frame AC7B 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
6RTeJ.t3xDSJXjTxhAMtPfr9IcIsozAE
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
873
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1632EHJV9RRQPN03W9YS
date
Thu, 14 Apr 2022 01:36:52 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
T1IOALYd050agXwdkT274ClainVLa2-XsbklifuOoGPszCLg-9Uzwg==
truncated
/ Frame AC7B 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b07e4058312fb34178de8a2f47664480686212db790fb6835293392743e5a7b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
apstag.js
c.amazon-adsystem.com/aax2/ Frame 37CB 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
6RTeJ.t3xDSJXjTxhAMtPfr9IcIsozAE
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
873
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1632EHJV9RRQPN03W9YS
date
Thu, 14 Apr 2022 01:36:52 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
tuzCV0ySOg9Ul0H3sdVedHtGucN5wldhWNUP1WX1-3ikbj4VgJ_YNQ==
truncated
/ Frame 37CB 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe9b63819052818dc6cb6aa4aa9a32e7a6048bb877c1e21a8ae7515ec5c7fccc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
apstag.js
c.amazon-adsystem.com/aax2/ Frame 3449 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/script-tags/owHCMR.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
6RTeJ.t3xDSJXjTxhAMtPfr9IcIsozAE
content-encoding
gzip
etag
4abd427e43cd6822329a2c05539e321f
age
873
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1632EHJV9RRQPN03W9YS
date
Thu, 14 Apr 2022 01:36:52 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
oj7m-9YyIwetslpLNrjJLbYrcxdtN7TYYJvjZgKoOOMOMEXpyWd4wA==
truncated
/ Frame 3449 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af1cfcefece6ec56ec553f418b8f9b213db677c2f7116080c56cd46639f7b3c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.7.0/ 		100 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.7.0/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220413-5-RELEASE.es5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc8d3b3701a95fae0ceb13be485bd16a31dcd0417066c9cc604d6c12e89bcd70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront), 1.1 varnish
age
652853
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
29447
x-served-by
cache-hhn4039-HHN
last-modified
Wed, 06 Apr 2022 12:29:49 GMT
server
AmazonS3
x-timer
S1649901085.121767,VS0,VE0
etag
"502f5feb374777b76d7055c7263bab22"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
g9PqGPJXB8_4vRkFS4UrOh1bARsqldUqlwZA4mTDCBclK3McftJwWg==
x-cache-hits
39055
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Frevistaquem.globo.com%2F&domain=revistaquem.globo.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://revistaquem.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 14 Apr 2022 01:51:24 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1412
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame AC7B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Frevistaquem.globo.com%2F&domain=revistaquem.globo.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=bGLhAnxaa1E2M2ZPWmc4ekkrVVJDWkxtV0U1R2JRdSsyQmZ1RHk2SGprS3F3RHdIYldDUStycUNidE9PWGY5Z0E3ZnJCRXZFM0s0eWIrVkVENDJXQmtnaDRRK0FHeHlDTjFXN0liV2lsMzlUWjMydE9TcisrTXFad3Riaz...
414 B
665 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=bGLhAnxaa1E2M2ZPWmc4ekkrVVJDWkxtV0U1R2JRdSsyQmZ1RHk2SGprS3F3RHdIYldDUStycUNidE9PWGY5Z0E3ZnJCRXZFM0s0eWIrVkVENDJXQmtnaDRRK0FHeHlDTjFXN0liV2lsMzlUWjMydE9TcisrTXFad3RiazhIWktNUkQvSjVWZDJVM1Q4Vy9CeWVvUkQzUzIwZ3FsbVNnVkd1NUE3OE5VUnJubmJENS9EUVozdU5YcklySDlFSlhkdUdxWWYzOEFWOVplb04xNjlnNWJkZzR4TTdYTlkybUtNTHpXRmc1elhrb1NvamlLZDZ0VzV2TlMwRGN6VUExTFpJamlNOTRFMVY4YlBITDFWL0ZlZ3RxcnZ3UnB5OGJNWHZNUTdnYkJqZVhPa25iYz18&cppv=2
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
82f6aa9133be43a0cbdcfbf90d59e538b0fe46d6378dad934c09af81013ea678
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3341
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:24 GMT
location
https://mug.criteo.com/sid?cpp=bGLhAnxaa1E2M2ZPWmc4ekkrVVJDWkxtV0U1R2JRdSsyQmZ1RHk2SGprS3F3RHdIYldDUStycUNidE9PWGY5Z0E3ZnJCRXZFM0s0eWIrVkVENDJXQmtnaDRRK0FHeHlDTjFXN0liV2lsMzlUWjMydE9TcisrTXFad3RiazhIWktNUkQvSjVWZDJVM1Q4Vy9CeWVvUkQzUzIwZ3FsbVNnVkd1NUE3OE5VUnJubmJENS9EUVozdU5YcklySDlFSlhkdUdxWWYzOEFWOVplb04xNjlnNWJkZzR4TTdYTlkybUtNTHpXRmc1elhrb1NvamlLZDZ0VzV2TlMwRGN6VUExTFpJamlNOTRFMVY4YlBITDFWL0ZlZ3RxcnZ3UnB5OGJNWHZNUTdnYkJqZVhPa25iYz18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1728
content-length
567
expires
0
translator
hbopenbid.pubmatic.com/ Frame AC7B 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:24 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame AC7B 		448 B
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160070&zone_id=1780826&size_id=15&rp_schain=1.0,1!hcodemedia.com,288,1,,,&eid_pubcid.org=e1fd06f0-a2a0-464f-8b17-bd531ea6dab2%5E1&rf=https%3A%2F%2Frevistaquem.globo.com%2F&tg_i.adunit=revistaquem.globo.com.dw.300x250.inter&tg_i.dfp_ad_unit_code=138871148%2C85042905%2Frevistaquem.globo.com.dw.300x250.inter&tg_i.pbadslot=138871148%2C85042905%2Frevistaquem.globo.com.dw.300x250.inter&tk_flint=pbjs_lite_v4.43.0&x_source.tid=392da920-1c7e-48b9-b6fe-6a26dcb00c04&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.10251386951939989
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
567a6be7fa13ba4f8b6ec31d3f56a3402e9000ac83bcb241bc822e5a3b8447fb

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:25 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
448
Expires
Wed, 17 Sep 1975 21:32:10 GMT
pub
pixel.adsafeprotected.com/services/ Frame AC7B 		338 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931348&slot=%7Bid:/138871148/revistaquem.globo.com.dw.300x250.inter,ss:%5B300.250%5D,p:/138871148/revistaquem.globo.com.dw.300x250.inter%7D&wr=300.250&sr=1600.1200&url=https%253A%252F%252Frevistaquem.globo.com%252F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.231.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-231-109.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9fee2cfb019e58f8f91ca9a5b7ae2a1e7c022337076f2d57f0c9973f3f9d309b

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
x-server-name
app02.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
prebid
ib.adnxs.com/ut/v3/ Frame AC7B 		20 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c08e9645aef1fbe59b11c8b45e5b70d0263e7f4ce65831231fd355ef1f5d3b8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 14 Apr 2022 01:51:25 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c3140b3d-836f-4f09-a810-7bc56289e022
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame AC7B 		24 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
9cfe6a821f6512e865001d40fcbbbc421cf3e28d4b0817c28079fe46df0d994a

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 14 Apr 2022 01:51:25 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://revistaquem.globo.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
c
prebid.a-mo.net/a/ Frame AC7B 		0
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:24 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
91
vary
origin, Accept-Encoding
prebid
prebid.media.net/rtb/ Frame AC7B 		1 KB
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2410EL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
fffaa703046a93163d20e0e5ab811939996ddf4b62fd503fac30bcf68c69bea6

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
usermatch.gif
beacon.krxd.net/ Frame 01C9
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=google
  • https://cm.g.doubleclick.net/pixel?google_cm&google_nid=krux_digital&google_hm=T3h1d1V1RG0
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEED_ak9lKgq3ZMhKQEPhxrQ&google_cver=1
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEED_ak9lKgq3ZMhKQEPhxrQ&google_cver=1
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
cache-control
private, no-cache, no-store
x-request-time
D=26 t=1649901085
x-served-by
beacon-n003-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEED_ak9lKgq3ZMhKQEPhxrQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 01C9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=T3h1d1V1RG0
  • https://beacon.krxd.net/usermatch.gif?google_gid=CAESEED_ak9lKgq3ZMhKQEPhxrQ&google_cver=1
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEED_ak9lKgq3ZMhKQEPhxrQ&google_cver=1
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
cache-control
private, no-cache, no-store
x-request-time
D=62 t=1649901085
x-served-by
beacon-n006-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEED_ak9lKgq3ZMhKQEPhxrQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
291
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 01C9
Redirect Chain
  • https://stags.bluekai.com/site/26357?id=OxuwUuDm&redir=https://beacon.krxd.net/usermatch.gif?_kuid%3DOxuwUuDm%26partner%3Dbluekai%26bk_uuid%3D%24_BK_UUID
  • https://beacon.krxd.net/usermatch.gif?_kuid=OxuwUuDm&partner=bluekai&bk_uuid=$_BK_UUID
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?_kuid=OxuwUuDm&partner=bluekai&bk_uuid=$_BK_UUID
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1649901085
x-served-by
beacon-n020-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://beacon.krxd.net/usermatch.gif?_kuid=OxuwUuDm&partner=bluekai&bk_uuid=$_BK_UUID
Date
Thu, 14 Apr 2022 01:51:25 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
usermatch.gif
beacon.krxd.net/ Frame 01C9
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https:%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=iKwPB-q1hVtLaSu8q2g9cqQnlxUUNzZv
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=iKwPB-q1hVtLaSu8q2g9cqQnlxUUNzZv
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
cache-control
private, no-cache, no-store
x-request-time
D=34 t=1649901085
x-served-by
beacon-n023-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=iKwPB-q1hVtLaSu8q2g9cqQnlxUUNzZv
date
Thu, 14 Apr 2022 01:51:24 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2736
content-length
218
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
p
sb.scorecardresearch.com/ Frame 01C9 		43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=OxuwUuDm&rn=1649901087
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-17.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
content-length
43
x-amz-cf-id
21rJOlckD_u7VVwYm0NOdnKCeea6_IY_6qB2GJgYrarWLd6pVlOs4w==
x-cache
Miss from cloudfront
content-type
image/gif
usync.html
ad.lkqd.net/cookie-sync/ Frame 5F43 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 14 Apr 2022 01:51:25 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1649901085.cds288.lo4.hn,1649901085.cds074.lo4.c
ad
v.lkqd.net/ Frame B799 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1135549&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Frevistaquem.globo.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=60911820&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.115 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
6ecc2fcc947a095c427568c9c88a01754707f66e19c4599e3775d81bbda42376

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1350
usermatch.gif
beacon.krxd.net/ Frame 01C9
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=66757&&dpuuid=OxuwUuDm&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dadobe%26partner_uid%3D$%7BDD_UUID%7D
  • https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=36295262786344900703919546269068142132
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=36295262786344900703919546269068142132
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1649901085
x-served-by
beacon-n021-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

DCS
dcs-prod-irl1-2-v031-0267e2bef.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
WliB1gH/S7Y=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://beacon.krxd.net/usermatch.gif?partner=adobe&partner_uid=36295262786344900703919546269068142132
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
mapuid
ib.adnxs.com/ Frame 01C9 		43 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/mapuid?member_id=1780&user=OxuwUuDm
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:25 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
899f9089-0ccf-4d96-b2d2-1b2ed5d3a22d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 01C9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID
  • https://beacon.krxd.net/usermatch.gif?adnxs_uid=7704152931637928568
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?adnxs_uid=7704152931637928568
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
cache-control
private, no-cache, no-store
x-request-time
D=92 t=1649901085
x-served-by
beacon-n017-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:25 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
0b16b56a-617b-411f-bd58-ba9fe55c46fc
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://beacon.krxd.net/usermatch.gif?adnxs_uid=7704152931637928568
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
379708.gif
idsync.rlcdn.com/ Frame 01C9 		42 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/379708.gif?partner_uid=OxuwUuDm
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:25 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
usermatch.gif
beacon.krxd.net/ Frame 01C9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=27384&puid=krux_id&gdpr=0
  • https://beacon.krxd.net/usermatch.gif?partner=rubicon&partner_uid=L1YCI8FD-1G-5SWN&gdpr=0
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=rubicon&partner_uid=L1YCI8FD-1G-5SWN&gdpr=0
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1649901085
x-served-by
beacon-n014-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://beacon.krxd.net/usermatch.gif?partner=rubicon&partner_uid=L1YCI8FD-1G-5SWN&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
pixel-sync.sitescout.com/connectors/krux/ Frame 01C9
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=sitescout
  • https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OxuwUuDm&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID
0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OxuwUuDm&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:24 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location
https://pixel-sync.sitescout.com/connectors/krux/usersync?foreign_id=OxuwUuDm&redir=https://beacon.krxd.net/usermatch.gif?partner_id%3Dsscout%26partner_uid%3D$UUID
date
Thu, 14 Apr 2022 01:51:25 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a008-ash-prod.krxd.net
usermatch.gif
beacon.krxd.net/ Frame 01C9
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=verizon
  • https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=OxuwUuDm
  • https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-FqJgcg9E2pt92P_OajUg4rmAKWDFvhtm7g--~A
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-FqJgcg9E2pt92P_OajUg4rmAKWDFvhtm7g--~A
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1649901085
x-served-by
beacon-n002-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 14 Apr 2022 01:51:25 GMT
via
http/1.1 spdc0101.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-FqJgcg9E2pt92P_OajUg4rmAKWDFvhtm7g--~A
content-length
0
sync
sync.navdmp.com/ Frame 01C9
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=navegg
  • https://sync.navdmp.com/sync?prtid=30&salid=OxuwUuDm
6 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?prtid=30&salid=OxuwUuDm
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fb8cbd778a059dd-MXP
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript

Redirect headers

location
https://sync.navdmp.com/sync?prtid=30&salid=OxuwUuDm
date
Thu, 14 Apr 2022 01:51:25 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a014-ash-prod.krxd.net
usermatch.gif
beacon.krxd.net/ Frame 01C9
Redirect Chain
  • https://sync.1rx.io/usersync/krux/OxuwUuDm?dspret=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync/krux/OxuwUuDm?zcc=1&redir=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Drhythmone%26partner_uid%3D%5BRX_UUID%5D&cb=1649901085203
  • https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=OPTOUT
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=OPTOUT
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
cache-control
private, no-cache, no-store
x-request-time
D=29 t=1649901085
x-served-by
beacon-n012-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:25 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://beacon.krxd.net/usermatch.gif?partner=rhythmone&partner_uid=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
getdata.xgi
r.nexac.com/e/ Frame 01C9 		0
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Frevistaquem.globo.com%2F&domain=revistaquem.globo.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://revistaquem.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 14 Apr 2022 01:51:24 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1709
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 37CB
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Frevistaquem.globo.com%2F&domain=revistaquem.globo.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=ITdpU3xaazRQcURlMnZjUnVuaFVDbUpqeHc4YlVBR1paemhyZEdDbU82d2tXRFQyUC9QYnpmeW9JMGFUQlNaRllmVG0wZU9QNkpiOUZUT1YzZUYwK1phN3dPV1dBSHdrMHRHcVdKZVFhbnN3dDVPMldKMnMyRlg1RlZWeX...
409 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ITdpU3xaazRQcURlMnZjUnVuaFVDbUpqeHc4YlVBR1paemhyZEdDbU82d2tXRFQyUC9QYnpmeW9JMGFUQlNaRllmVG0wZU9QNkpiOUZUT1YzZUYwK1phN3dPV1dBSHdrMHRHcVdKZVFhbnN3dDVPMldKMnMyRlg1RlZWeXVDRk5ScGpLcm1ObjI4M1FtWStjQ3Y4NHB2SS9Wa0gxZW9pYlIvOEQ5cnU0TVVxbVlrbk1LU0ZGcjJlUnQ4bHFkbWtEekpKMS9XWlUxZVpTSFBGcVp1K1F5aGgrWXo0MW5aNHhVU1MzR1VxUDI4bDJxOFM5MzVZZXp2Vm1GZGVHZjB2NjY3Q1J1Ym5rT2tQRktBYVc4YTRIRlRET00wMXMrZGloZWtYQVpKd2czaFNjNEswUT18&cppv=2
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e25f540c4617aa5479b51f95290a1b087ad0ec0d12ea63cdce69377afa05fbc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:24 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4517
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:24 GMT
location
https://mug.criteo.com/sid?cpp=ITdpU3xaazRQcURlMnZjUnVuaFVDbUpqeHc4YlVBR1paemhyZEdDbU82d2tXRFQyUC9QYnpmeW9JMGFUQlNaRllmVG0wZU9QNkpiOUZUT1YzZUYwK1phN3dPV1dBSHdrMHRHcVdKZVFhbnN3dDVPMldKMnMyRlg1RlZWeXVDRk5ScGpLcm1ObjI4M1FtWStjQ3Y4NHB2SS9Wa0gxZW9pYlIvOEQ5cnU0TVVxbVlrbk1LU0ZGcjJlUnQ4bHFkbWtEekpKMS9XWlUxZVpTSFBGcVp1K1F5aGgrWXo0MW5aNHhVU1MzR1VxUDI4bDJxOFM5MzVZZXp2Vm1GZGVHZjB2NjY3Q1J1Ym5rT2tQRktBYVc4YTRIRlRET00wMXMrZGloZWtYQVpKd2czaFNjNEswUT18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1698
content-length
567
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 37CB 		448 B
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160070&zone_id=1780826&size_id=15&rp_schain=1.0,1!hcodemedia.com,288,1,,,&eid_pubcid.org=e1fd06f0-a2a0-464f-8b17-bd531ea6dab2%5E1&rf=https%3A%2F%2Frevistaquem.globo.com%2F&tg_i.adunit=revistaquem.globo.com.dw.300x250.inter&tg_i.dfp_ad_unit_code=138871148%2C85042905%2Frevistaquem.globo.com.dw.300x250.inter&tg_i.pbadslot=138871148%2C85042905%2Frevistaquem.globo.com.dw.300x250.inter&tk_flint=pbjs_lite_v4.43.0&x_source.tid=796b21ae-791a-4fd0-a2e8-4ba65d012fd9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8672502717062089
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6624e2860f98fbe6ef2fc2b87590d2b88ab0f2fe205214dc87d97e9039284a4e

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:25 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
448
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/ Frame 37CB 		1 KB
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2410EL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
377f6288ceb50b8db43ac5a8a0a862dffa067ddbd5ac090c63518cfb980e9a48

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
translator
hbopenbid.pubmatic.com/ Frame 37CB 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:24 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ Frame 37CB 		24 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
6f797d664e491ce3d75b4060a8d96f5aae6643259c25ed5a537fa69bc69b05a5

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 14 Apr 2022 01:51:25 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://revistaquem.globo.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
c
prebid.a-mo.net/a/ Frame 37CB 		0
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:24 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
31
vary
origin, Accept-Encoding
pub
pixel.adsafeprotected.com/services/ Frame 37CB 		338 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931348&slot=%7Bid:/138871148/revistaquem.globo.com.dw.300x250.inter,ss:%5B300.250%5D,p:/138871148/revistaquem.globo.com.dw.300x250.inter%7D&wr=300.250&sr=1600.1200&url=https%253A%252F%252Frevistaquem.globo.com%252F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.231.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-231-109.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d51e6679d0eca0442fe97192fbf01995fd805b7a14d68ff4d733b119e8412a8f

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
x-server-name
app05.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
prebid
ib.adnxs.com/ut/v3/ Frame 37CB 		20 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
332b1f0ca617e3dc786122eb3d7a7ed33930d9c53cf81e8b56e07882640940c9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 14 Apr 2022 01:51:25 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
25c70a22-2b51-40b8-9d5f-0fe4864169d5
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Frevistaquem.globo.com%2F&domain=revistaquem.globo.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://revistaquem.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 14 Apr 2022 01:51:24 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1670
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 3449
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Frevistaquem.globo.com%2F&domain=revistaquem.globo.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=5F9LynxYbSt4NnlnWWxJd0YvOTNySUd3QUNxeDFzVi9nQW45czliTUhjcFc4eTlNU0NDNlVTYnpIMlBybzZtVCtrOFlrR2JUdTB6MGI5TDRwL1E1eW5EeG43Ymc0V3BKTHc3aVk3STIycUppSHIxR1JVSGY1SG9DNkQ4N0...
422 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=5F9LynxYbSt4NnlnWWxJd0YvOTNySUd3QUNxeDFzVi9nQW45czliTUhjcFc4eTlNU0NDNlVTYnpIMlBybzZtVCtrOFlrR2JUdTB6MGI5TDRwL1E1eW5EeG43Ymc0V3BKTHc3aVk3STIycUppSHIxR1JVSGY1SG9DNkQ4N01RV2VydUJPaHZHSlhMUmlhRjZuWUdIVnJNcWszQTNXakRnYWNUZzFzdGx4Q2pMZTBEVjBTby9JRTA2WUN1dHEvNEpjcUpHNHV5cHd2d0MwVE84RDhsZ0ZxQzVDM08zbnJZMnUyeUdhb1czd0EzSEdzbWN6OFV3UGxINFhGcHN6Z21HQloyUlFhSlBNZnRkZHRiQzB4Snh6ZzljdGo2a0hZQ0drRm4zTzkrZFM2NlFINS9EYz18&cppv=2
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
68b8126ff29602a4e807202845bb38add6117f62299e17981504ae6be9962990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4029
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:24 GMT
location
https://mug.criteo.com/sid?cpp=5F9LynxYbSt4NnlnWWxJd0YvOTNySUd3QUNxeDFzVi9nQW45czliTUhjcFc4eTlNU0NDNlVTYnpIMlBybzZtVCtrOFlrR2JUdTB6MGI5TDRwL1E1eW5EeG43Ymc0V3BKTHc3aVk3STIycUppSHIxR1JVSGY1SG9DNkQ4N01RV2VydUJPaHZHSlhMUmlhRjZuWUdIVnJNcWszQTNXakRnYWNUZzFzdGx4Q2pMZTBEVjBTby9JRTA2WUN1dHEvNEpjcUpHNHV5cHd2d0MwVE84RDhsZ0ZxQzVDM08zbnJZMnUyeUdhb1czd0EzSEdzbWN6OFV3UGxINFhGcHN6Z21HQloyUlFhSlBNZnRkZHRiQzB4Snh6ZzljdGo2a0hZQ0drRm4zTzkrZFM2NlFINS9EYz18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4037
content-length
567
expires
0
pub
pixel.adsafeprotected.com/services/ Frame 3449 		341 B
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=931348&slot=%7Bid:/138871148/revistaquem.globo.com.dw.970x250.inter,ss:%5B970.250%5D,p:/138871148/revistaquem.globo.com.dw.970x250.inter%7D&wr=970.250&sr=1600.1200&url=https%253A%252F%252Frevistaquem.globo.com%252F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.231.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-231-109.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a5187f2cc738cc227b7ec3e10975643c06d4356cfbe03f7334d8192e9da583dc

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
x-server-name
app04.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
prebid
ib.adnxs.com/ut/v3/ Frame 3449 		20 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
79effc6309e95c6db32fbcd00ed5fe8ad02928e0b71c3a3c319640a68507ea61
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 14 Apr 2022 01:51:25 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
817f32a6-3e29-4387-9205-052e4c9c8253
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3449 		448 B
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13894&site_id=160068&zone_id=1780802&size_id=57&rp_schain=1.0,1!hcodemedia.com,288,1,,,&eid_pubcid.org=e1fd06f0-a2a0-464f-8b17-bd531ea6dab2%5E1&rf=https%3A%2F%2Frevistaquem.globo.com%2F&tg_i.adunit=revistaquem.globo.com.dw.970x250.inter&tg_i.dfp_ad_unit_code=138871148%2C85042905%2Frevistaquem.globo.com.dw.970x250.inter&tg_i.pbadslot=138871148%2C85042905%2Frevistaquem.globo.com.dw.970x250.inter&tk_flint=pbjs_lite_v4.43.0&x_source.tid=d5a8a7bc-2dd1-45cc-b9e2-54b0f873ab04&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4310601236546454
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3b56489731c504ca8eab1f8000c662bdf30849398bf1daeb8d7f110e300883c7

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:25 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
448
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 3449 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:24 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ Frame 3449 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:24 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
178
vary
origin, Accept-Encoding
prebid
prebid.media.net/rtb/ Frame 3449 		1 KB
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2410EL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e8d3cc25b15ffeca98e3d513a9cfef0383e2d0f33e9ca7312c24f87cb6be3cf0

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
bid
ap.lijit.com/rtb/ Frame 3449 		24 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
6cbae3ea85056cdaec94f34a6aa24d71d32af6ed442304785fbfec2b89976ed4

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 14 Apr 2022 01:51:25 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://revistaquem.globo.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
usync.html
ad.lkqd.net/cookie-sync/ Frame 9594 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 14 Apr 2022 01:51:25 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1649901085.cds288.lo4.hn,1649901085.cds074.lo4.c
ad
v.lkqd.net/ Frame F3A5 		180 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1135550&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Frevistaquem.globo.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=28699940&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.115 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
view
securepubads.g.doubleclick.net/pcs/ Frame 57F5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5A6eLPCGLV-Y3ix6zt_Pp9XFE8nRZ_7RpLZjGQUFCj5cnRqgy7XGe5cIkBfo3UnXSmya5wxcWdLbn8CX7ffalapPxJhj1ERP7QEsY58iJoPOYnZkcS9XPRd0z6m1w9MmdAI4YGmLmeCKn31tgfWAJiaXwXyzeQs5_HCMbbEWnI-jbx-licMOVG9ZkCb_l9-eJfQtVQhHc2yM4lWeQkeTuuIqeT4d89zhto5rmH3RX0gEBTFC0DBrQda5KdoghhPLPMEzFr2hgA7f6mLWzmYmtImkVhrRMcK_KibQDXsS05LKRlEd7JZdCW3rhCm3uc3D9yA&sig=Cg0ArKJSzG3ekUIf20InEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 14 Apr 2022 01:51:25 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=bGLhAnxaa1E2M2ZPWmc4ekkrVVJDWkxtV0U1R2JRdSsyQmZ1RHk2SGprS3F3RHdIYldDUStycUNidE9PWGY5Z0E3ZnJCRXZFM0s0eWIrVkVENDJXQmtnaDRRK0FHeHlDTjFXN0liV2lsMzlUWjMydE9TcisrTXFad3RiazhIWktNUkQvSjVWZDJVM1Q4Vy9CeWVvUkQzUzIwZ3FsbVNnVkd1NUE3OE5VUnJubmJENS9EUVozdU5YcklySDlFSlhkdUdxWWYzOEFWOVplb04xNjlnNWJkZzR4TTdYTlkybUtNTHpXRmc1elhrb1NvamlLZDZ0VzV2TlMwRGN6VUExTFpJamlNOTRFMVY4YlBITDFWL0ZlZ3RxcnZ3UnB5OGJNWHZNUTdnYkJqZVhPa25iYz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 14 Apr 2022 01:51:24 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
989
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ITdpU3xaazRQcURlMnZjUnVuaFVDbUpqeHc4YlVBR1paemhyZEdDbU82d2tXRFQyUC9QYnpmeW9JMGFUQlNaRllmVG0wZU9QNkpiOUZUT1YzZUYwK1phN3dPV1dBSHdrMHRHcVdKZVFhbnN3dDVPMldKMnMyRlg1RlZWeXVDRk5ScGpLcm1ObjI4M1FtWStjQ3Y4NHB2SS9Wa0gxZW9pYlIvOEQ5cnU0TVVxbVlrbk1LU0ZGcjJlUnQ4bHFkbWtEekpKMS9XWlUxZVpTSFBGcVp1K1F5aGgrWXo0MW5aNHhVU1MzR1VxUDI4bDJxOFM5MzVZZXp2Vm1GZGVHZjB2NjY3Q1J1Ym5rT2tQRktBYVc4YTRIRlRET00wMXMrZGloZWtYQVpKd2czaFNjNEswUT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 14 Apr 2022 01:51:25 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
994
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/ Frame 7D4D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/abg_lite_fy2019.js
Requested by
Host: f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
URL: https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:32:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8002
x-xss-protection
0
server
cafe
etag
5332015062585099865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 01:32:52 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7D4D 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
URL: https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 08:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236305
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 11 Apr 2023 08:13:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7D4D 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
URL: https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36908
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649677559247379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 01:51:25 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=5F9LynxYbSt4NnlnWWxJd0YvOTNySUd3QUNxeDFzVi9nQW45czliTUhjcFc4eTlNU0NDNlVTYnpIMlBybzZtVCtrOFlrR2JUdTB6MGI5TDRwL1E1eW5EeG43Ymc0V3BKTHc3aVk3STIycUppSHIxR1JVSGY1SG9DNkQ4N01RV2VydUJPaHZHSlhMUmlhRjZuWUdIVnJNcWszQTNXakRnYWNUZzFzdGx4Q2pMZTBEVjBTby9JRTA2WUN1dHEvNEpjcUpHNHV5cHd2d0MwVE84RDhsZ0ZxQzVDM08zbnJZMnUyeUdhb1czd0EzSEdzbWN6OFV3UGxINFhGcHN6Z21HQloyUlFhSlBNZnRkZHRiQzB4Snh6ZzljdGo2a0hZQ0drRm4zTzkrZFM2NlFINS9EYz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 14 Apr 2022 01:51:24 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1512
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/ Frame 0D34 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/abg_lite_fy2019.js
Requested by
Host: f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
URL: https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:32:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1113
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8002
x-xss-protection
0
server
cafe
etag
5332015062585099865
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 01:32:52 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0D34 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
URL: https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 08:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236305
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 11 Apr 2023 08:13:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0D34 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
URL: https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36908
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649677559247379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 01:51:25 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 37CB 		385 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Frevistaquem.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
bbc029f1d997ab0fa9fc1499f94fb93f83b350470966b2227c6b761b282e527c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 20:02:53 GMT
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
server
Server
age
20912
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P3
content-length
385
x-amz-cf-id
t8r9SUzppTMVUMGKA7_3wfXavA-Pz8FfenqWRyy8bla9etpxQGYTqA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 37CB 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
83501
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 02:21:48 GMT
server
AmazonS3
date
Wed, 13 Apr 2022 02:39:45 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
HQ1q-obBS0XZI_nEHa_mEh2zLmAgfoBtzzRYs32mDFILGnXMaElQaQ==
config
c.amazon-adsystem.com/cdn/prod/ Frame AC7B 		385 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Frevistaquem.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
bbc029f1d997ab0fa9fc1499f94fb93f83b350470966b2227c6b761b282e527c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 20:02:53 GMT
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
server
Server
age
20912
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P3
content-length
385
x-amz-cf-id
mHEvQDTPsWgDXXS7h7CwHfM-aDafM_6B5WKUt_QeLlZd08R5oPEPBw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame AC7B 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
83501
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 02:21:48 GMT
server
AmazonS3
date
Wed, 13 Apr 2022 02:39:45 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
HVEyTTkVYzZbK_K8Hv4Z7ba0hx96nzMnTY6X4xQkP78A2ET4TGGDBA==
config
c.amazon-adsystem.com/cdn/prod/ Frame 3449 		385 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Frevistaquem.globo.com&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
bbc029f1d997ab0fa9fc1499f94fb93f83b350470966b2227c6b761b282e527c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 20:02:53 GMT
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
server
Server
age
20912
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P3
content-length
385
x-amz-cf-id
r4aWcjh_Tx3WyT1-NGvlBCHNFVhtTwbNRx-M9PNWOXdimoIu2s9x9Q==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 3449 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
83501
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 17 Mar 2022 02:21:48 GMT
server
AmazonS3
date
Wed, 13 Apr 2022 02:39:45 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
2V78Mtewv-E9b_lzA3gxDAnbeBbWYR661SxaMxWE4kQQ2Ufew99ftw==
view
securepubads.g.doubleclick.net/pcs/ Frame 3449 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYKOQkK18xeWXyvD13c5oq9vgxOjOawDX9V1V3q3-pgBJh20qeYB0Cr0zV0o-dIX_KavgHgYUW1JXajqlCNE377Oj22v4RRB6lk8srxKxzkasR_rQQSCJlZog1psMrTTGFSa6LYYQRKJT6MdgQDjo33KyBbgj9vTxuSWbDP7UmVfW1-jzoLJMx_ZIzdJWif6ptQPJqxGHte4jUeFQh7_gb8orteTsXUKAADJDL4vauelLJvPH69Xmy6bUn7kiYwPM5QNVGLx3QbsUmC9yyDuf7Y38R39Uh9Fl9lSKjETKse80ARdjb1o1usHd0zuBjneNqCA&sig=Cg0ArKJSzHFvK07wOrPvEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 14 Apr 2022 01:51:25 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AC7B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0KAJC5vxKwcvt5ixK3bhXdWDsOw4vlZ-VueMvvAB1g5V9ysIWwp9Y07e-f6CbLO9R5EtZCKaLIOY0oAv5Yy43X_Odurod-hoSq7h4mcviH9m2Oo-JKW9xbGDVoLVHzwvJ2uzrlphTM5pAJCf0WGD4HDLTvRZ6_hkbWAqTTo6fya2u3C7zDQgrjl18pwPuO7rsSj3vQ9kbpCU6c_kzJ_RV71VelOp39nivONbl7_ar-ym5jQ18Z_mQoE8AqnwEIyNderzRsXp317X7rchwucJCcB2Lcdj6mSU2Xh1uXIBSRGqtd3gaHdLCghYGkR48kAQVKQ&sig=Cg0ArKJSzDBQ9VUOS_nKEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 14 Apr 2022 01:51:25 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 37CB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssd5SOsKMG3K81Wn-p5plpDHaP6eJbTkBUU1IZ01tyG5UaZ1D0G9NxLcRzDWpaZ2tx-FNbgVx3FJ_kFt42abj8NJbPmYHpQuNkl0sksmEjZpoxnXNp4Rw9DD8dmCHI_nYNPOhUyaY51KCXk9X29GnEDM0F0P6WTXL8GpvUQOww6koDc0TJ8hs26wN2CjlcT454jUELeXRoQ1Ae_vrY5fQT85afgNC-VswrfPf0wIL6XoUhfn2T8p7sCtKp78TNPFzTJGSs0erFRoliPupHtEqAW8bRE8A2Poj_Lnq2rCTr89RIhzBwvwfvnSXWJ-adWYv28Ww&sig=Cg0ArKJSzEuhW6PpBlNhEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 14 Apr 2022 01:51:25 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame AC7B 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Thu, 14 Apr 2022 01:11:03 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
11181
x-request-id
585434560
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 37CB 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Thu, 14 Apr 2022 01:11:03 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
11181
x-request-id
585434560
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 3449 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Thu, 14 Apr 2022 01:11:03 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
11181
x-request-id
585434560
cs
cs.lkqd.net/ Frame 5F43
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3811ca64-63de-4fcc-bcba-019a105eea71
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3811ca64-63de-4fcc-bcba-019a105eea71
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3811ca64-63de-4fcc-bcba-019a105eea71
date
Thu, 14 Apr 2022 01:51:25 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 5F43 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 5F43 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 5F43
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7896357961865025998
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7896357961865025998
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7896357961865025998
pragma
no-cache
date
Thu, 14 Apr 2022 01:51:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 5F43
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=T6o7723FQLtO2D-jnK6nwNlAl0Q
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=T6o7723FQLtO2D-jnK6nwNlAl0Q
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=T6o7723FQLtO2D-jnK6nwNlAl0Q
Date
Thu, 14 Apr 2022 01:51:25 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame 7D4D 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
URL: https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/
Origin
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 07:40:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65427
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Apr 2022 07:40:58 GMT
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame 0D34 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
URL: https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/
Origin
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 07:40:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65427
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Apr 2022 07:40:58 GMT
cs
cs.lkqd.net/ Frame 9594
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=d0ea4b24-3280-4893-8338-09bc7e28694d
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=d0ea4b24-3280-4893-8338-09bc7e28694d
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=d0ea4b24-3280-4893-8338-09bc7e28694d
date
Thu, 14 Apr 2022 01:51:25 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 9594 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 9594 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 9594
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3861132695741061582
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3861132695741061582
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3861132695741061582
pragma
no-cache
date
Thu, 14 Apr 2022 01:51:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 9594
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=pQHog5hZRXJyywhxFGiggdlAl0Q
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=pQHog5hZRXJyywhxFGiggdlAl0Q
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=pQHog5hZRXJyywhxFGiggdlAl0Q
Date
Thu, 14 Apr 2022 01:51:25 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://revistaquem.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://revistaquem.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:25 GMT
server
nginx
t
t.lkqd.net/ Frame 756D 		0
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://revistaquem.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://revistaquem.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:25 GMT
server
nginx
t
t.lkqd.net/ Frame 47A6 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:26 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame 93B7 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1649901085.cds288.lo4.hn,1649901085.cds059.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
bid
c.amazon-adsystem.com/e/dtb/ Frame 37CB 		23 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Frevistaquem.globo.com%2F&pid=N6wWHYCLoA22Y&cb=0&ws=300x250&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Frevistaquem.globo.com.dw.300x250.inter%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F138871148%2C85042905%2Frevistaquem.globo.com.dw.300x250.inter%22%7D%5D&schain=1.0%2C1!hcodemedia.com%2C288%2C1%2C%2C%2C&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
E2R51SJG9JXEBC39AK9Z
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
aE00sKDoaHwdcC2N1WZJHcwC_oGnZ_61gOgLquZDDyzKyZf077dDoQ==
cd
cd.navdmp.com/ 		6 B
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cd.navdmp.com/cd?prtid=13574&prtusridr=efb90c78474e89586788427f08288892071e7eeb
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6fb8cbd91a4959dd-MXP
content-length
6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/x-javascript
bid
c.amazon-adsystem.com/e/dtb/ Frame AC7B 		23 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Frevistaquem.globo.com%2F&pid=Qs0IUkaQhoDMZ&cb=0&ws=300x250&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Frevistaquem.globo.com.dw.300x250.inter%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F138871148%2C85042905%2Frevistaquem.globo.com.dw.300x250.inter%22%7D%5D&schain=1.0%2C1!hcodemedia.com%2C288%2C1%2C%2C%2C&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
GVS40CESC7KKYV1C6HD0
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
-VSXz40PGcaFhZvzynZ5icd2c2M2UVI7AExCqVcPAOXBG7U6pIUbFg==
996.json
id5-sync.com/g/v2/ Frame 37CB 		213 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/996.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.40 , France, ASN16276 (OVH, FR),
Reverse DNS
p17.id5-sync.com
Software
/
Resource Hash
e0ed584a01d2f3b104a3aece2010217173b39fe6b22136fb9b455583b471548d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://revistaquem.globo.com
Date
Thu, 14 Apr 2022 01:51:24 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
996.json
id5-sync.com/g/v2/ Frame 3449 		213 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/996.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.40 , France, ASN16276 (OVH, FR),
Reverse DNS
p17.id5-sync.com
Software
/
Resource Hash
71d94e3ecf65c3f08d42b45f03fb58b1c0be733de4bfefbd2f87d950f9c1265c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://revistaquem.globo.com
Date
Thu, 14 Apr 2022 01:51:24 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
996.json
id5-sync.com/g/v2/ Frame AC7B 		213 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/996.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.40 , France, ASN16276 (OVH, FR),
Reverse DNS
p17.id5-sync.com
Software
/
Resource Hash
98a9c318bc8344fa117dfda5806a268974e840c0e5a5e2bcf0cef0e2f24da275
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://revistaquem.globo.com
Date
Thu, 14 Apr 2022 01:51:24 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
index.html
s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/ Frame 3268 		78 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8fe6d937854a9af03cfd77405c291b2cabe1a29c25f839928cebaaaea4f2b72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
15616
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
19612
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Apr 2022 21:31:09 GMT
expires
Thu, 14 Apr 2022 21:31:09 GMT
last-modified
Thu, 07 Apr 2022 18:58:59 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 7D4D 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZlRfkONNo8BtpCiCb7fGrr-iIN5xdPmVhYQSNsiP02xLaPT9lX9q_mwI5mENYHD7m1MQO4kkbaKiOoxkMz7Sx0EdsXOd55MLk4IMcTQLmv8iJqQZjf_nfg5awOQnOmC8Tqhbyp9LqFpHxug9lpoINlG90vRm1sX2ujbs2qAJIac5n6oUPCcIKihlgHvEGMrE3mXWILomAmvG5PyjRt3u9OQBeXcMOhDeW9sqy0Te9g2_lXA3lz3SX9bFhezT1xa6IjNYIvcmv36x0A-sZhsVBmnUhKOHHEZ1W7fFafiRqNhAtAZCeM-gelXCsdFY&sig=Cg0ArKJSzAHx8Gtk-boYEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
URL: https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/ Frame E54B 		78 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8fe6d937854a9af03cfd77405c291b2cabe1a29c25f839928cebaaaea4f2b72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
15616
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
19612
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Apr 2022 21:31:09 GMT
expires
Thu, 14 Apr 2022 21:31:09 GMT
last-modified
Thu, 07 Apr 2022 18:58:59 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 0D34 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7o7ymxJRIt-AFgtzRnbmt9FM9NC-4okttKI601J3LFBqlIQuQpCwu_T2gxUURVl5JJn1WUqec_vR7UD-jl_X3a8uzhU21FdPP0hmR_1XSV6YGv2wPN9He-EYdTR_pC41N6bxv-5d25pvy4nnaojhOwTfrf7RJyyYO-5M-a2tGpu25r1KMTvjpzgW3yLJRUVl4tBFy9ctFcddt_bkSqXbdAEQi16tY0dfTt1wKE1wymV8jA95Tcck1nxLH1hK0EupNclIKWUsfzqzjq5Syfgme3j-rUDuXd9wgr-CTuYp2XQdrjc62amKGgkPgu4U&sig=Cg0ArKJSzN5WHTfXmqJwEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
URL: https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
usync.html
ad.lkqd.net/cookie-sync/ Frame 3807 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 14 Apr 2022 01:51:25 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1649901085.cds288.lo4.hn,1649901085.cds074.lo4.c
ad
v.lkqd.net/ Frame 93B7 		74 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1135549&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Frevistaquem.globo.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=60911820&m=&rtv=1&thost=revistaquem.globo.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.115 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e48c04f723a115625f43bf02f52a2ec7761f932f5d68cdf43b4f7a41a1059e40

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://revistaquem.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
5619
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1135549&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Frevistaquem.globo.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=60911820&m=&rtv=1&thost=revistaquem.globo.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.115 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://revistaquem.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://revistaquem.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Thu, 14 Apr 2022 01:51:25 GMT
server
nginx
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ Frame 37CB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=revistaquem.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 37CB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=revistaquem.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 37CB 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4190216539386806&correlator=662727302983040&eid=31060838%2C31067090%2C31067074%2C31065401%2C44742767%2C31065787&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fifs&iu_parts=138871148%3A85042905%2Crevistaquem.globo.com.dw.300x250.inter&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=109163320&sfv=1-0-38&ecs=20220414&fsapi=false&prev_scp=pwtdeal_ias%3DPMP_-_42_-_101efe4f5d7e77%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26fr%3Dfalse%26id%3D6482619d-bb95-11ec-9910-02c49424d9cb%26vw%3D40%252C50%252C60%252C70%26vw05%3D40%252C50%252C60%26vw10%3D40%26ias-kw%3D%26pwtsid%3D862756197df8ae%26pwtbst%3D1%26pwtecp%3D0.15%26pwtpid%3Dappnexus%26pwtpubid%3D157163%26pwtprofid%3D4986%26pwtverid%3D3%26pwtsz%3D300x250%26pwtplt%3Ddisplay%26amznbid%3D2%26amznp%3D2%26hcmviewable%3Dfalse&eri=1&sc=1&cookie=ID%3Dccf5a7e86be6a5c5%3AT%3D1649901084%3AS%3DALNI_MbDibqhOu1gtgLEcbsoKSnqy7wTdQ&cdm=revistaquem.globo.com&abxe=1&dt=1649901087206&lmt=1649901087&dlt=1649901086064&idt=257&biw=1600&bih=1200&isw=300&ish=250&adxs=488&adys=1336&ucis=1u4j965exbcq&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Frevistaquem.globo.com%2F&top=https%3A%2F%2Frevistaquem.globo.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=416071499.1649901085&ga_sid=1649901087&ga_hid=1459032628&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
8ab432a75639b2653ba74325bb39f48d9057dade3b44acd6d1ccffdfa5419480
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8908
x-xss-protection
0
google-lineitem-id
5676125516
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138347101821
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 37CB 		13 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ed0cdb87b299cbbb3c0471d2868db5f5071995c1ae40c1ee3f5e6e9218832f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10476
x-xss-protection
0
container.html
fec9fe8de1b879341a5e33774e1c28ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2263 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fec9fe8de1b879341a5e33774e1c28ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 01:51:25 GMT
expires
Fri, 14 Apr 2023 01:51:25 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame AC7B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=revistaquem.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame AC7B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=revistaquem.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame AC7B 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2931402720407680&correlator=4095426751099462&eid=31065401&output=ldjh&gdfp_req=1&vrg=2022040701&ptt=17&impl=fifs&iu_parts=138871148%3A85042905%2Crevistaquem.globo.com.dw.300x250.inter&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=109163320&sfv=1-0-38&ecs=20220414&fsapi=false&prev_scp=pwtdeal_ias%3DPMP_-_42_-_10448775e351cdf%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26fr%3Dfalse%26id%3D64823a82-bb95-11ec-89d6-02c790015d1e%26vw%3D40%252C50%252C60%252C70%26vw05%3D40%252C50%252C60%26vw10%3D40%26ias-kw%3D%26pwtsid%3D8a68342b70e3dd%26pwtbst%3D1%26pwtecp%3D0.12%26pwtpid%3Dappnexus%26pwtpubid%3D157163%26pwtprofid%3D4986%26pwtverid%3D3%26pwtsz%3D300x250%26pwtplt%3Ddisplay%26amznbid%3D2%26amznp%3D2%26hcmviewable%3Dfalse&eri=1&sc=1&cookie=ID%3Dccf5a7e86be6a5c5%3AT%3D1649901084%3AS%3DALNI_MbDibqhOu1gtgLEcbsoKSnqy7wTdQ&cdm=revistaquem.globo.com&abxe=1&dt=1649901087235&lmt=1649901087&dlt=1649901086052&idt=233&biw=1600&bih=1200&isw=300&ish=250&adxs=1136&adys=1336&ucis=3qzqek6v0gud&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Frevistaquem.globo.com%2F&top=https%3A%2F%2Frevistaquem.globo.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=416071499.1649901085&ga_sid=1649901087&ga_hid=1506688881&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
85bc7863e8d1a7d4d4d259c8a8f847dcb66f0033a92a7608d403b7ce26625b1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8880
x-xss-protection
0
google-lineitem-id
5674588980
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138347100936
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame AC7B 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022040701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ab437d66d4e2b6020a404697b11ac580e215723224bf58298281551bf6aa5d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10623
x-xss-protection
0
container.html
aca576afd1bf443543c13a542593589f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 027A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aca576afd1bf443543c13a542593589f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 01:51:25 GMT
expires
Fri, 14 Apr 2023 01:51:25 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
st
imprammp.taboola.com/ Frame 2454 		742 B
508 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66427505&crid=6168135&dast=V7aAgCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBuIHGzhcMDa7FWkwWq6Wg91utBgtJ6PlYjPbDWEDhwvGZrciDUbL1XKw220Wy-FiNFqMZqMpZAjL7PcdhHy3y_DwuQyiouttsTucZs8bPNB0Onyue73kZXt6Tg_H6-W268x-i9-u8bv9cgAAAAB4APDyOIL4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABIWIvRAIDiKBDLw-vyBwDAwwMIAIAABgmAQeZRCYCJYcMJAAAAAAAAAADL____f8xAvWaczID-9kUPwIMPwANRgXIRIwAAAIBsoEuio0mdUFlUAQAQpFsBXAEABACWEIdGhAEAAACIsYdG5--R5gqOLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKGqKPa0oANXCrVfQACAtV9AAAC2cQMAeBOACzkPNJ0On-teL3nZnp7Tw_F6ue06s9_it2v8br_oAmB1CrEbzga7yWK3mB0AAADA3f___z8ee2h0_h5prqAeyM08nsHG5DDtZqaJw2JbbQwL48Q28Zgmw91y49we_k-pvPDl505fhrDMft9ByHe7DA-fyyAqut4Wu8Np9txvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgMMCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJiYTEyWlcey1q12i7VotrCslRvDbK0wToazyWI181gmbtHrY3quFoPNcuJFwYCNvQgu0onK5DT9LQ-f2W_xuyUv29NzejheL7dFLNGcLNKJ7LLvzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3DcmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznPgbs9FyOVgMhqN9YzZaLgeLwXC07zCZnqnP2ej6m1MemeblOm4bNodB4TIYvT-JaTHtzg6i3-_otBmGyaLOKLx1j16DwnPwmCbKlFhn7cuExeRV4TgYFLFEcLpIJ0K_22URSyRPi3SiGk4Ws9Vu5PDNnIPJYjnxbQyj3WqyGQ02o4nLMRFLlKaLdKKXqP_YIIvdXDaaK1aLuWy4SgAAAAAAAAAAS5gzbwIAAABwGtBmMlqtlgsg8TepCwwCAAAAAACwe2oAW2KK9adf3PgxRpmcpr_l4TP7LX635GV7ek4Px-vltjKAhJso82bPBLFWq2UNAABAgA0AABDArZu3QNNKDg!&cmcv=&pix=undefined&cb=1649901087270&uv=3158&tms=1649901087270&abt=adh5c-1_vA!eidc_vB!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mtbw_vB!Noapp22_vB!pblc_vE!spa2_vB!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=88A137E40495907741492491367&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.7.0/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 14 Apr 2022 01:51:25 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4070-HHN
x-timer
S1649901086.773237,VS0,VE17
sync
am-match.taboola.com/ Frame 90F0 		742 B
836 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7aAgCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBuIHGzhcMDa7FWkwWq6Wg91utBgtJ6PlYjPbDWEDhwvGZrciDUbL1XKw220Wy-FiNFqMZqMpZAjL7PcdhHy3y_DwuQyiouttsTucZs8bPNB0Onyue73kZXt6Tg_H6-W268x-i9-u8bv9cgAAAAB4APDyOIL4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABIWIvRAIDiKBDLw-vyBwDAwwMIAIAABgmAQeZRCYCJYcMJAAAAAAAAAADL____f8xAvWaczID-9kUPwIMPwANRgXIRIwAAAIBsoEuio0mdUFlUAQAQpFsBXAEABACWEIdGhAEAAACIsYdG5--R5gqOLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKGqKPa0oANXCrVfQACAtV9AAAC2cQMAeBOACzkPNJ0On-teL3nZnp7Tw_F6ue06s9_it2v8br_oAmB1CrEbzga7yWK3mB0AAADA3f___z8ee2h0_h5prqAeyM08nsHG5DDtZqaJw2JbbQwL48Q28Zgmw91y49we_k-pvPDl505fhrDMft9ByHe7DA-fyyAqut4Wu8Np9txvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgMMCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJiYTEyWlcey1q12i7VotrCslRvDbK0wToazyWI181gmbtHrY3quFoPNcuJFwYCNvQgu0onK5DT9LQ-f2W_xuyUv29NzejheL7dFLNGcLNKJ7LLvzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3DcmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznPgbs9FyOVgMhqN9YzZaLgeLwXC07zCZnqnP2ej6m1MemeblOm4bNodB4TIYvT-JaTHtzg6i3-_otBmGyaLOKLx1j16DwnPwmCbKlFhn7cuExeRV4TgYFLFEcLpIJ0K_22URSyRPi3SiGk4Ws9Vu5PDNnIPJYjnxbQyj3WqyGQ02o4nLMRFLlKaLdKKXqP_YIIvdXDaaK1aLuWy4SgAAAAAAAAAAS5gzbwIAAABwGtBmMlqtlgsg8TepCwwCAAAAAACwe2oAW2KK9adf3PgxRpmcpr_l4TP7LX635GV7ek4Px-vltjKAhJso82bPBLFWq2UNAABAgA0AABDArZu3QNNKDg!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.7.0/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 14 Apr 2022 01:51:25 GMT
machineid
3407
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		10 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=619&height=348&pubid=169497&tagid=953497&crid=6168135&noaop=3&sortOrderType=0&cb=1649901087275&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1388&pt=-594364403&tz=0&viewable=true&ddast=V7aAgCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBuIHGzhcMDa7FWkwWq6Wg91utBgtJ6PlYjPbDWEDhwvGZrciDUbL1XKw220Wy-FiNFqMZqMpZAjL7PcdhHy3y_DwuQyiouttsTucZs8bPNB0Onyue73kZXt6Tg_H6-W268x-i9-u8bv9cgAAAAB4APDyOIL4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABIWIvRAIDiKBDLw-vyBwDAwwMIAIAABgmAQeZRCYCJYcMJAAAAAAAAAADL____f8xAvWaczID-9kUPwIMPwANRgXIRIwAAAIBsoEuio0mdUFlUAQAQpFsBXAEABACWEIdGhAEAAACIsYdG5--R5gqOLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKGqKPa0oANXCrVfQACAtV9AAAC2cQMAeBOACzkPNJ0On-teL3nZnp7Tw_F6ue06s9_it2v8br_oAmB1CrEbzga7yWK3mB0AAADA3f___z8ee2h0_h5prqAeyM08nsHG5DDtZqaJw2JbbQwL48Q28Zgmw91y49we_k-pvPDl505fhrDMft9ByHe7DA-fyyAqut4Wu8Np9txvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgMMCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJiYTEyWlcey1q12i7VotrCslRvDbK0wToazyWI181gmbtHrY3quFoPNcuJFwYCNvQgu0onK5DT9LQ-f2W_xuyUv29NzejheL7dFLNGcLNKJ7LLvzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3DcmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznPgbs9FyOVgMhqN9YzZaLgeLwXC07zCZnqnP2ej6m1MemeblOm4bNodB4TIYvT-JaTHtzg6i3-_otBmGyaLOKLx1j16DwnPwmCbKlFhn7cuExeRV4TgYFLFEcLpIJ0K_22URSyRPi3SiGk4Ws9Vu5PDNnIPJYjnxbQyj3WqyGQ02o4nLMRFLlKaLdKKXqP_YIIvdXDaaK1aLuWy4SgAAAAAAAAAAS5gzbwIAAABwGtBmMlqtlgsg8TepCwwCAAAAAACwe2oAW2KK9adf3PgxRpmcpr_l4TP7LX635GV7ek4Px-vltjKAhJso82bPBLFWq2UNAABAgA0AABDArZu3QNNKDg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2524685&dpubid=432455&abtst=adh5c-1_vA!eidc_vB!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mtbw_vB!Noapp22_vB!pblc_vE!spa2_vB!t45!t45!ufm&mPre=0.033&cirf=https%3A%2F%2Frevistaquem.globo.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.7.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9f6cda5dfe0ccfa3ffdb47f8e23c2362748a7e4499da39187f4e35de19eb22a6

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
access-control-allow-origin
https://revistaquem.globo.com
machineid
1430
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4039-HHN
pragma
no-cache
server
nginx
x-timer
S1649901086.781071,VS0,VE30
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://impr.taboola.com>; rel=preconnect,<https://ads.stickyadstv.com>; rel=preconnect,<https://ads.stickyadstv.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66427505&crid=6168135&dast=V7aAgCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBuIHGzhcMDa7FWkwWq6Wg91utBgtJ6PlYjPbDWEDhwvGZrciDUbL1XKw220Wy-FiNFqMZqMpZAjL7PcdhHy3y_DwuQyiouttsTucZs8bPNB0Onyue73kZXt6Tg_H6-W268x-i9-u8bv9cgAAAAB4APDyOIL4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABIWIvRAIDiKBDLw-vyBwDAwwMIAIAABgmAQeZRCYCJYcMJAAAAAAAAAADL____f8xAvWaczID-9kUPwIMPwANRgXIRIwAAAIBsoEuio0mdUFlUAQAQpFsBXAEABACWEIdGhAEAAACIsYdG5--R5gqOLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKGqKPa0oANXCrVfQACAtV9AAAC2cQMAeBOACzkPNJ0On-teL3nZnp7Tw_F6ue06s9_it2v8br_oAmB1CrEbzga7yWK3mB0AAADA3f___z8ee2h0_h5prqAeyM08nsHG5DDtZqaJw2JbbQwL48Q28Zgmw91y49we_k-pvPDl505fhrDMft9ByHe7DA-fyyAqut4Wu8Np9txvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgMMCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJiYTEyWlcey1q12i7VotrCslRvDbK0wToazyWI181gmbtHrY3quFoPNcuJFwYCNvQgu0onK5DT9LQ-f2W_xuyUv29NzejheL7dFLNGcLNKJ7LLvzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3DcmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznPgbs9FyOVgMhqN9YzZaLgeLwXC07zCZnqnP2ej6m1MemeblOm4bNodB4TIYvT-JaTHtzg6i3-_otBmGyaLOKLx1j16DwnPwmCbKlFhn7cuExeRV4TgYFLFEcLpIJ0K_22URSyRPi3SiGk4Ws9Vu5PDNnIPJYjnxbQyj3WqyGQ02o4nLMRFLlKaLdKKXqP_YIIvdXDaaK1aLuWy4SgAAAAAAAAAAS5gzbwIAAABwGtBmMlqtlgsg8TepCwwCAAAAAACwe2oAW2KK9adf3PgxRpmcpr_l4TP7LX635GV7ek4Px-vltjKAhJso82bPBLFWq2UNAABAgA0AABDArZu3QNNKDg!&cmcv=&pix=31589837&cb=1649901087270&uv=3158&tms=1649901087270&abt=adh5c-1_vA!eidc_vB!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mtbw_vB!Noapp22_vB!pblc_vE!spa2_vB!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1649901081129.3!ts:1649901087270&mntl=1
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
content-length
0
server
nginx
st
imprammp.taboola.com/ Frame BAB8 		1 KB
601 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7ZKcCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBvQHG0ajcSjDEYOxGmxGi8lyuVjMloPdYrEbDkHDaDQOZThiMFaDzWgxWQ5nk9lgs9gNF1OIMJbLZFALJCyz33cQNHwuN3ig6XT4XPd6ycv29JwejtfLbdeZ_Ra_XeN3--UAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxWFwlofF7_sHAMDDAwgAgAAGCUAB72kJwMdZxQkAAAAAAAAAAMv___9_zAC93oIMgMh7Tg_Agw_AA1HBahEjAAAAgGygS6KjSZ1QWVQBABCkWwFcAQAEAJYQh1KEAQAAAIixh0bn75HmCo4t0MPi95sddo3f7TIAAAAAAAAAALP_s380oSoP3LQgnPphtV9AAIC1X0AAALZxAwB4E4ALOQ80nQ6f614vedmentPD8Xq57Tqz3-K3a_xuv-gCYHUKsRvOBrvJYreYHQAAAMDd____Px57aHT-HmmuoB7IzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3B7-T6m88OXnTt-EsMx-30HQ8LkM4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzEYDHAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNESYmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznHhRMGBjL4KLdKIyOU1_y8Nn9lv8bsnL9vScHo7Xy20RSzQni3Qiu-x7M49nsDE5TLuZaeKw2FYbw8I4sU08pslwt9w4943JxGRZeSxr3Wq3WItmC8tauTHM1grjZDibLFYzj2XiFr0-pudqMdgsJ_7GbLRcDhaD4WjfmI2Wy8FiMBztO0ymZ-pzNrr-5pRHpnm5jtuGzWFQuAxG709iWky7s4Po9zs6bYZhsqgzCm_do9eg8Bw8pokyJdZZ-zJhMXlVOA4GRSwRnC7SidDvdlnEEsnTIp0oDKuRy7PbTGyThcc4Wjgmw9Vo4VgMR7OZb-ZZTcQSpekinegl6j82yGI3l43mitViLhuuEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_E3qAoMAAAAAAADsnhrAlphi_ekXN36MUSan6W95-Mx-i98tedmentPD8Xq5rQwg4SbKvNkzQazValkDAAAQYAMAAARw6-Yt0LSSAw!&cmcv=&pix=undefined&cb=1649901087292&uv=3158&tms=1649901087292&abt=adh5c-1_vA!eidc_vB!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mtbw_vB!Noapp22_vB!pblc_vE!spa2_vB!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=FFFC28DA1503412991169071178&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.7.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ec3163cce183e601cd03d439a7120880c421cef0cadc8313256de78486441a10

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 14 Apr 2022 01:51:25 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4070-HHN
x-timer
S1649901086.791247,VS0,VE17
sync
am-match.taboola.com/ Frame 6FE7 		928 B
1013 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7ZKcCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBvQHG0ajcSjDEYOxGmxGi8lyuVjMloPdYrEbDkHDaDQOZThiMFaDzWgxWQ5nk9lgs9gNF1OIMJbLZFALJCyz33cQNHwuN3ig6XT4XPd6ycv29JwejtfLbdeZ_Ra_XeN3--UAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxWFwlofF7_sHAMDDAwgAgAAGCUAB72kJwMdZxQkAAAAAAAAAAMv___9_zAC93oIMgMh7Tg_Agw_AA1HBahEjAAAAgGygS6KjSZ1QWVQBABCkWwFcAQAEAJYQh1KEAQAAAIixh0bn75HmCo4t0MPi95sddo3f7TIAAAAAAAAAALP_s380oSoP3LQgnPphtV9AAIC1X0AAALZxAwB4E4ALOQ80nQ6f614vedmentPD8Xq57Tqz3-K3a_xuv-gCYHUKsRvOBrvJYreYHQAAAMDd____Px57aHT-HmmuoB7IzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3B7-T6m88OXnTt-EsMx-30HQ8LkM4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzEYDHAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNESYmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznHhRMGBjL4KLdKIyOU1_y8Nn9lv8bsnL9vScHo7Xy20RSzQni3Qiu-x7M49nsDE5TLuZaeKw2FYbw8I4sU08pslwt9w4943JxGRZeSxr3Wq3WItmC8tauTHM1grjZDibLFYzj2XiFr0-pudqMdgsJ_7GbLRcDhaD4WjfmI2Wy8FiMBztO0ymZ-pzNrr-5pRHpnm5jtuGzWFQuAxG709iWky7s4Po9zs6bYZhsqgzCm_do9eg8Bw8pokyJdZZ-zJhMXlVOA4GRSwRnC7SidDvdlnEEsnTIp0oDKuRy7PbTGyThcc4Wjgmw9Vo4VgMR7OZb-ZZTcQSpekinegl6j82yGI3l43mitViLhuuEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_E3qAoMAAAAAAADsnhrAlphi_ekXN36MUSan6W95-Mx-i98tedmentPD8Xq5rQwg4SbKvNkzQazValkDAAAQYAMAAARw6-Yt0LSSAw!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.7.0/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
66447cfc636542b4acdb280f4d41993dd18718ba71c208ef9b74f24ca508353d

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 14 Apr 2022 01:51:25 GMT
machineid
3408
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7ZKcCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBvQHG0ajcSjDEYOxGmxGi8lyuVjMloPdYrEbDkHDaDQOZThiMFaDzWgxWQ5nk9lgs9gNF1OIMJbLZFALJCyz33cQNHwuN3ig6XT4XPd6ycv29JwejtfLbdeZ_Ra_XeN3--UAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxWFwlofF7_sHAMDDAwgAgAAGCUAB72kJwMdZxQkAAAAAAAAAAMv___9_zAC93oIMgMh7Tg_Agw_AA1HBahEjAAAAgGygS6KjSZ1QWVQBABCkWwFcAQAEAJYQh1KEAQAAAIixh0bn75HmCo4t0MPi95sddo3f7TIAAAAAAAAAALP_s380oSoP3LQgnPphtV9AAIC1X0AAALZxAwB4E4ALOQ80nQ6f614vedmentPD8Xq57Tqz3-K3a_xuv-gCYHUKsRvOBrvJYreYHQAAAMDd____Px57aHT-HmmuoB7IzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3B7-T6m88OXnTt-EsMx-30HQ8LkM4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzEYDHAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNESYmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznHhRMGBjL4KLdKIyOU1_y8Nn9lv8bsnL9vScHo7Xy20RSzQni3Qiu-x7M49nsDE5TLuZaeKw2FYbw8I4sU08pslwt9w4943JxGRZeSxr3Wq3WItmC8tauTHM1grjZDibLFYzj2XiFr0-pudqMdgsJ_7GbLRcDhaD4WjfmI2Wy8FiMBztO0ymZ-pzNrr-5pRHpnm5jtuGzWFQuAxG709iWky7s4Po9zs6bYZhsqgzCm_do9eg8Bw8pokyJdZZ-zJhMXlVOA4GRSwRnC7SidDvdlnEEsnTIp0oDKuRy7PbTGyThcc4Wjgmw9Vo4VgMR7OZb-ZZTcQSpekinegl6j82yGI3l43mitViLhuuEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_E3qAoMAAAAAAADsnhrAlphi_ekXN36MUSan6W95-Mx-i98tedmentPD8Xq5rQwg4SbKvNkzQazValkDAAAQYAMAAARw6-Yt0LSSAw!&cmcv=&pix=31589837&cb=1649901087287&uv=3158&tms=1649901087287&abt=adh5c-1_vA!eidc_vB!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mtbw_vB!Noapp22_vB!pblc_vE!spa2_vB!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1649901081129.3!ts:1649901087287&mntl=1
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
content-length
0
server
nginx
bid
c.amazon-adsystem.com/e/dtb/ Frame 3449 		23 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Frevistaquem.globo.com%2F&pid=lbglp4ZNnSCjp&cb=0&ws=970x250&v=7.75.0&t=2000&slots=%5B%7B%22sd%22%3A%22%2F138871148%2Frevistaquem.globo.com.dw.970x250.inter%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F138871148%2C85042905%2Frevistaquem.globo.com.dw.970x250.inter%22%7D%5D&schain=1.0%2C1!hcodemedia.com%2C288%2C1%2C%2C%2C&pubid=ea05d466-f785-4b9a-a030-6fdc6a39498f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
5R9CE25SYPY874G48RYK
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
6ZK4lki2m_3uCiUkwfr0bmwKI7we4xbPmmPP6RmPzK1nk_Z-k-rO8w==
DcmEnabler_01_243.js
s0.2mdn.net/879366/ Frame 3268 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_243.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77a6e7584722f285dd6b3039728b6f1aab3948e60b4c26298600f1a5ee155bbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:40:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15062
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10603
x-xss-protection
0
last-modified
Fri, 27 Mar 2020 01:55:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Apr 2022 21:40:23 GMT
DcmEnabler_01_243.js
s0.2mdn.net/879366/ Frame E54B 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_243.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77a6e7584722f285dd6b3039728b6f1aab3948e60b4c26298600f1a5ee155bbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:40:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15062
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10603
x-xss-protection
0
last-modified
Fri, 27 Mar 2020 01:55:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Apr 2022 21:40:23 GMT
cmTagWIDGET_ITEM.js
vidstat.taboola.com/vpaid/units/31_5_8/infra/ 		751 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/31_5_8/infra/cmTagWIDGET_ITEM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.7.0/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
aca1050d2fff37e97c87876c0ecb69b2e04443afeed2973bb00c5a83cc3d6f31

Request headers

Referer
https://revistaquem.globo.com/
Origin
https://revistaquem.globo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
via
1.1 varnish
age
574493
x-amz-meta-mtime
1649326439
x-cache
HIT
x-amz-meta-ctime
1649326440
x-amz-meta-mode
33188
content-encoding
br
content-length
132037
x-amz-id-2
rdP2SXsYIE/oKPVdQwuNca3gLKSpeby7tGTL7mpgzyGFysapOqCxS2DD/ahKEhfaltsJEtxbm7o=
x-served-by
cache-hhn4071-HHN
accept-ranges
bytes
last-modified
Thu, 07 Apr 2022 10:14:01 GMT
server
AmazonS3-br
x-timer
S1649901086.900457,VS0,VE0
etag
"b04e13daff92f7babede119d5fbf4c15"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
AC2YAA398SH4BN4X
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
8523
cmOsUnit.css
vidstat.taboola.com/vpaid/units/31_5_8/assets/css/ 		63 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/31_5_8/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.7.0/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f851b17761d140f156750a1e1b239f75be8b2009887a3f89a0af2871e41405b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
via
1.1 varnish
age
574492
x-amz-meta-mtime
1649326492
x-cache
HIT
x-amz-meta-ctime
1649326492
x-amz-meta-mode
33188
content-encoding
br
content-length
8294
x-amz-id-2
pk7rsu0gt52GF9DxDYVvdnmtQSR7CNCNlZW4Q5wCNt+lGQZIK9E9hXCVNuvyu8AdJ9UCECrYwS8=
x-served-by
cache-hhn4039-HHN
accept-ranges
bytes
last-modified
Thu, 07 Apr 2022 10:14:53 GMT
server
AmazonS3-br
x-timer
S1649901086.879305,VS0,VE0
etag
"7109a5557051e4983d59fded16204002"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
AC2TJP5XVJ0HZNNZ
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
161403
generic
match.adsrvr.org/track/cmf/ Frame 2454 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66427505&crid=6168135&dast=V7aAgCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBuIHGzhcMDa7FWkwWq6Wg91utBgtJ6PlYjPbDWEDhwvGZrciDUbL1XKw220Wy-FiNFqMZqMpZAjL7PcdhHy3y_DwuQyiouttsTucZs8bPNB0Onyue73kZXt6Tg_H6-W268x-i9-u8bv9cgAAAAB4APDyOIL4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABIWIvRAIDiKBDLw-vyBwDAwwMIAIAABgmAQeZRCYCJYcMJAAAAAAAAAADL____f8xAvWaczID-9kUPwIMPwANRgXIRIwAAAIBsoEuio0mdUFlUAQAQpFsBXAEABACWEIdGhAEAAACIsYdG5--R5gqOLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKGqKPa0oANXCrVfQACAtV9AAAC2cQMAeBOACzkPNJ0On-teL3nZnp7Tw_F6ue06s9_it2v8br_oAmB1CrEbzga7yWK3mB0AAADA3f___z8ee2h0_h5prqAeyM08nsHG5DDtZqaJw2JbbQwL48Q28Zgmw91y49we_k-pvPDl505fhrDMft9ByHe7DA-fyyAqut4Wu8Np9txvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgMMCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJiYTEyWlcey1q12i7VotrCslRvDbK0wToazyWI181gmbtHrY3quFoPNcuJFwYCNvQgu0onK5DT9LQ-f2W_xuyUv29NzejheL7dFLNGcLNKJ7LLvzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3DcmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznPgbs9FyOVgMhqN9YzZaLgeLwXC07zCZnqnP2ej6m1MemeblOm4bNodB4TIYvT-JaTHtzg6i3-_otBmGyaLOKLx1j16DwnPwmCbKlFhn7cuExeRV4TgYFLFEcLpIJ0K_22URSyRPi3SiGk4Ws9Vu5PDNnIPJYjnxbQyj3WqyGQ02o4nLMRFLlKaLdKKXqP_YIIvdXDaaK1aLuWy4SgAAAAAAAAAAS5gzbwIAAABwGtBmMlqtlgsg8TepCwwCAAAAAACwe2oAW2KK9adf3PgxRpmcpr_l4TP7LX635GV7ek4Px-vltjKAhJso82bPBLFWq2UNAABAgA0AABDArZu3QNNKDg!&cmcv=&pix=undefined&cb=1649901087270&uv=3158&tms=1649901087270&abt=adh5c-1_vA!eidc_vB!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mtbw_vB!Noapp22_vB!pblc_vE!spa2_vB!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=88A137E40495907741492491367&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame 2454 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66427505&crid=6168135&dast=V7aAgCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBuIHGzhcMDa7FWkwWq6Wg91utBgtJ6PlYjPbDWEDhwvGZrciDUbL1XKw220Wy-FiNFqMZqMpZAjL7PcdhHy3y_DwuQyiouttsTucZs8bPNB0Onyue73kZXt6Tg_H6-W268x-i9-u8bv9cgAAAAB4APDyOIL4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABIWIvRAIDiKBDLw-vyBwDAwwMIAIAABgmAQeZRCYCJYcMJAAAAAAAAAADL____f8xAvWaczID-9kUPwIMPwANRgXIRIwAAAIBsoEuio0mdUFlUAQAQpFsBXAEABACWEIdGhAEAAACIsYdG5--R5gqOLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKGqKPa0oANXCrVfQACAtV9AAAC2cQMAeBOACzkPNJ0On-teL3nZnp7Tw_F6ue06s9_it2v8br_oAmB1CrEbzga7yWK3mB0AAADA3f___z8ee2h0_h5prqAeyM08nsHG5DDtZqaJw2JbbQwL48Q28Zgmw91y49we_k-pvPDl505fhrDMft9ByHe7DA-fyyAqut4Wu8Np9txvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgMMCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJiYTEyWlcey1q12i7VotrCslRvDbK0wToazyWI181gmbtHrY3quFoPNcuJFwYCNvQgu0onK5DT9LQ-f2W_xuyUv29NzejheL7dFLNGcLNKJ7LLvzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3DcmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznPgbs9FyOVgMhqN9YzZaLgeLwXC07zCZnqnP2ej6m1MemeblOm4bNodB4TIYvT-JaTHtzg6i3-_otBmGyaLOKLx1j16DwnPwmCbKlFhn7cuExeRV4TgYFLFEcLpIJ0K_22URSyRPi3SiGk4Ws9Vu5PDNnIPJYjnxbQyj3WqyGQ02o4nLMRFLlKaLdKKXqP_YIIvdXDaaK1aLuWy4SgAAAAAAAAAAS5gzbwIAAABwGtBmMlqtlgsg8TepCwwCAAAAAACwe2oAW2KK9adf3PgxRpmcpr_l4TP7LX635GV7ek4Px-vltjKAhJso82bPBLFWq2UNAABAgA0AABDArZu3QNNKDg!&cmcv=&pix=undefined&cb=1649901087270&uv=3158&tms=1649901087270&abt=adh5c-1_vA!eidc_vB!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mtbw_vB!Noapp22_vB!pblc_vE!spa2_vB!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=88A137E40495907741492491367&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:6e00:7b23:6545:3513 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 2454
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=64f7e13e-bb95-11ec-9ac0-1189f5600506&orig=video&us_privacy=1---gdpr=1&
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=64f7e13e-bb95-11ec-9ac0-1189f5600506&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66427505&crid=6168135&dast=V7aAgCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBuIHGzhcMDa7FWkwWq6Wg91utBgtJ6PlYjPbDWEDhwvGZrciDUbL1XKw220Wy-FiNFqMZqMpZAjL7PcdhHy3y_DwuQyiouttsTucZs8bPNB0Onyue73kZXt6Tg_H6-W268x-i9-u8bv9cgAAAAB4APDyOIL4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABIWIvRAIDiKBDLw-vyBwDAwwMIAIAABgmAQeZRCYCJYcMJAAAAAAAAAADL____f8xAvWaczID-9kUPwIMPwANRgXIRIwAAAIBsoEuio0mdUFlUAQAQpFsBXAEABACWEIdGhAEAAACIsYdG5--R5gqOLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKGqKPa0oANXCrVfQACAtV9AAAC2cQMAeBOACzkPNJ0On-teL3nZnp7Tw_F6ue06s9_it2v8br_oAmB1CrEbzga7yWK3mB0AAADA3f___z8ee2h0_h5prqAeyM08nsHG5DDtZqaJw2JbbQwL48Q28Zgmw91y49we_k-pvPDl505fhrDMft9ByHe7DA-fyyAqut4Wu8Np9txvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgMMCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJiYTEyWlcey1q12i7VotrCslRvDbK0wToazyWI181gmbtHrY3quFoPNcuJFwYCNvQgu0onK5DT9LQ-f2W_xuyUv29NzejheL7dFLNGcLNKJ7LLvzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3DcmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznPgbs9FyOVgMhqN9YzZaLgeLwXC07zCZnqnP2ej6m1MemeblOm4bNodB4TIYvT-JaTHtzg6i3-_otBmGyaLOKLx1j16DwnPwmCbKlFhn7cuExeRV4TgYFLFEcLpIJ0K_22URSyRPi3SiGk4Ws9Vu5PDNnIPJYjnxbQyj3WqyGQ02o4nLMRFLlKaLdKKXqP_YIIvdXDaaK1aLuWy4SgAAAAAAAAAAS5gzbwIAAABwGtBmMlqtlgsg8TepCwwCAAAAAACwe2oAW2KK9adf3PgxRpmcpr_l4TP7LX635GV7ek4Px-vltjKAhJso82bPBLFWq2UNAABAgA0AABDArZu3QNNKDg!&cmcv=&pix=undefined&cb=1649901087270&uv=3158&tms=1649901087270&abt=adh5c-1_vA!eidc_vB!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mtbw_vB!Noapp22_vB!pblc_vE!spa2_vB!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=88A137E40495907741492491367&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
14774

Redirect headers

Date
Thu, 14 Apr 2022 01:51:26 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=64f7e13e-bb95-11ec-9ac0-1189f5600506&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
51
Connection
keep-alive
Content-Length
0
generic
match.adsrvr.org/track/cmf/ Frame 90F0 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7aAgCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBuIHGzhcMDa7FWkwWq6Wg91utBgtJ6PlYjPbDWEDhwvGZrciDUbL1XKw220Wy-FiNFqMZqMpZAjL7PcdhHy3y_DwuQyiouttsTucZs8bPNB0Onyue73kZXt6Tg_H6-W268x-i9-u8bv9cgAAAAB4APDyOIL4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABIWIvRAIDiKBDLw-vyBwDAwwMIAIAABgmAQeZRCYCJYcMJAAAAAAAAAADL____f8xAvWaczID-9kUPwIMPwANRgXIRIwAAAIBsoEuio0mdUFlUAQAQpFsBXAEABACWEIdGhAEAAACIsYdG5--R5gqOLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKGqKPa0oANXCrVfQACAtV9AAAC2cQMAeBOACzkPNJ0On-teL3nZnp7Tw_F6ue06s9_it2v8br_oAmB1CrEbzga7yWK3mB0AAADA3f___z8ee2h0_h5prqAeyM08nsHG5DDtZqaJw2JbbQwL48Q28Zgmw91y49we_k-pvPDl505fhrDMft9ByHe7DA-fyyAqut4Wu8Np9txvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgMMCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJiYTEyWlcey1q12i7VotrCslRvDbK0wToazyWI181gmbtHrY3quFoPNcuJFwYCNvQgu0onK5DT9LQ-f2W_xuyUv29NzejheL7dFLNGcLNKJ7LLvzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3DcmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznPgbs9FyOVgMhqN9YzZaLgeLwXC07zCZnqnP2ej6m1MemeblOm4bNodB4TIYvT-JaTHtzg6i3-_otBmGyaLOKLx1j16DwnPwmCbKlFhn7cuExeRV4TgYFLFEcLpIJ0K_22URSyRPi3SiGk4Ws9Vu5PDNnIPJYjnxbQyj3WqyGQ02o4nLMRFLlKaLdKKXqP_YIIvdXDaaK1aLuWy4SgAAAAAAAAAAS5gzbwIAAABwGtBmMlqtlgsg8TepCwwCAAAAAACwe2oAW2KK9adf3PgxRpmcpr_l4TP7LX635GV7ek4Px-vltjKAhJso82bPBLFWq2UNAABAgA0AABDArZu3QNNKDg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame 90F0 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7aAgCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBuIHGzhcMDa7FWkwWq6Wg91utBgtJ6PlYjPbDWEDhwvGZrciDUbL1XKw220Wy-FiNFqMZqMpZAjL7PcdhHy3y_DwuQyiouttsTucZs8bPNB0Onyue73kZXt6Tg_H6-W268x-i9-u8bv9cgAAAAB4APDyOIL4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABIWIvRAIDiKBDLw-vyBwDAwwMIAIAABgmAQeZRCYCJYcMJAAAAAAAAAADL____f8xAvWaczID-9kUPwIMPwANRgXIRIwAAAIBsoEuio0mdUFlUAQAQpFsBXAEABACWEIdGhAEAAACIsYdG5--R5gqOLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKGqKPa0oANXCrVfQACAtV9AAAC2cQMAeBOACzkPNJ0On-teL3nZnp7Tw_F6ue06s9_it2v8br_oAmB1CrEbzga7yWK3mB0AAADA3f___z8ee2h0_h5prqAeyM08nsHG5DDtZqaJw2JbbQwL48Q28Zgmw91y49we_k-pvPDl505fhrDMft9ByHe7DA-fyyAqut4Wu8Np9txvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgMMCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJiYTEyWlcey1q12i7VotrCslRvDbK0wToazyWI181gmbtHrY3quFoPNcuJFwYCNvQgu0onK5DT9LQ-f2W_xuyUv29NzejheL7dFLNGcLNKJ7LLvzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3DcmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznPgbs9FyOVgMhqN9YzZaLgeLwXC07zCZnqnP2ej6m1MemeblOm4bNodB4TIYvT-JaTHtzg6i3-_otBmGyaLOKLx1j16DwnPwmCbKlFhn7cuExeRV4TgYFLFEcLpIJ0K_22URSyRPi3SiGk4Ws9Vu5PDNnIPJYjnxbQyj3WqyGQ02o4nLMRFLlKaLdKKXqP_YIIvdXDaaK1aLuWy4SgAAAAAAAAAAS5gzbwIAAABwGtBmMlqtlgsg8TepCwwCAAAAAACwe2oAW2KK9adf3PgxRpmcpr_l4TP7LX635GV7ek4Px-vltjKAhJso82bPBLFWq2UNAABAgA0AABDArZu3QNNKDg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:6e00:7b23:6545:3513 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 90F0
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=64f7e13e-bb95-11ec-9ac0-1189f5600506&orig=video&us_privacy=1---gdpr=1&
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=64f7e13e-bb95-11ec-9ac0-1189f5600506&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7aAgCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBuIHGzhcMDa7FWkwWq6Wg91utBgtJ6PlYjPbDWEDhwvGZrciDUbL1XKw220Wy-FiNFqMZqMpZAjL7PcdhHy3y_DwuQyiouttsTucZs8bPNB0Onyue73kZXt6Tg_H6-W268x-i9-u8bv9cgAAAAB4APDyOIL4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABIWIvRAIDiKBDLw-vyBwDAwwMIAIAABgmAQeZRCYCJYcMJAAAAAAAAAADL____f8xAvWaczID-9kUPwIMPwANRgXIRIwAAAIBsoEuio0mdUFlUAQAQpFsBXAEABACWEIdGhAEAAACIsYdG5--R5gqOLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKGqKPa0oANXCrVfQACAtV9AAAC2cQMAeBOACzkPNJ0On-teL3nZnp7Tw_F6ue06s9_it2v8br_oAmB1CrEbzga7yWK3mB0AAADA3f___z8ee2h0_h5prqAeyM08nsHG5DDtZqaJw2JbbQwL48Q28Zgmw91y49we_k-pvPDl505fhrDMft9ByHe7DA-fyyAqut4Wu8Np9txvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgMMCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJiYTEyWlcey1q12i7VotrCslRvDbK0wToazyWI181gmbtHrY3quFoPNcuJFwYCNvQgu0onK5DT9LQ-f2W_xuyUv29NzejheL7dFLNGcLNKJ7LLvzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3DcmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznPgbs9FyOVgMhqN9YzZaLgeLwXC07zCZnqnP2ej6m1MemeblOm4bNodB4TIYvT-JaTHtzg6i3-_otBmGyaLOKLx1j16DwnPwmCbKlFhn7cuExeRV4TgYFLFEcLpIJ0K_22URSyRPi3SiGk4Ws9Vu5PDNnIPJYjnxbQyj3WqyGQ02o4nLMRFLlKaLdKKXqP_YIIvdXDaaK1aLuWy4SgAAAAAAAAAAS5gzbwIAAABwGtBmMlqtlgsg8TepCwwCAAAAAACwe2oAW2KK9adf3PgxRpmcpr_l4TP7LX635GV7ek4Px-vltjKAhJso82bPBLFWq2UNAABAgA0AABDArZu3QNNKDg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18823

Redirect headers

Date
Thu, 14 Apr 2022 01:51:26 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=64f7e13e-bb95-11ec-9ac0-1189f5600506&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
112
Connection
keep-alive
Content-Length
0
integrator.js
adservice.google.de/adsid/ Frame 3449 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=revistaquem.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3449 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=revistaquem.globo.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3449 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2499927362386776&correlator=3702107729262548&eid=31067090%2C44761483%2C31065401&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fifs&iu_parts=138871148%3A85042905%2Crevistaquem.globo.com.dw.970x250.inter&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=1&adks=1992911428&sfv=1-0-38&ecs=20220414&fsapi=false&prev_scp=pwtdeal_ias%3DPMP_-_42_-_10dccf49ddb75c8%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26fr%3Dfalse%26id%3D6483c0a6-bb95-11ec-ae9d-061b2abdf756%26vw%3D40%252C50%252C60%26grm%3D40%26vw05%3D40%252C50%26vw10%3D40%26ias-kw%3D%26pwtsid%3D9fc2ad1d7a5002%26pwtbst%3D1%26pwtecp%3D0.10%26pwtpid%3Dappnexus%26pwtpubid%3D157163%26pwtprofid%3D4986%26pwtverid%3D3%26pwtsz%3D970x250%26pwtplt%3Ddisplay%26amznbid%3D2%26amznp%3D2%26hcmviewable%3Dfalse&eri=1&sc=1&cookie=ID%3Dccf5a7e86be6a5c5%3AT%3D1649901084%3AS%3DALNI_MbDibqhOu1gtgLEcbsoKSnqy7wTdQ&cdm=revistaquem.globo.com&abxe=1&dt=1649901087403&lmt=1649901087&dlt=1649901086075&idt=263&biw=1600&bih=1200&isw=970&ish=250&adxs=315&adys=6175&ucis=ai076e5w9dg0&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=https%3A%2F%2Frevistaquem.globo.com%2F&top=https%3A%2F%2Frevistaquem.globo.com%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=970x0&msz=970x0&fws=256&ohw=0&ea=0&ga_vid=416071499.1649901085&ga_sid=1649901087&ga_hid=1174924228&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
181ddc81b96640856391cdf722703ec20adada736d23c3d837ef6318fc9cb7ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8878
x-xss-protection
0
google-lineitem-id
5676125501
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138347101596
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3449 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4577849355a747601ae4a4e5c671a96064e8ad1382b94b073b7158bdb846e07a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10444
x-xss-protection
0
container.html
29f33738099d8a2ba9033c0012e3fcbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 54D8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://29f33738099d8a2ba9033c0012e3fcbd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 01:51:25 GMT
expires
Fri, 14 Apr 2023 01:51:25 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 37CB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 01:51:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AC7B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 01:51:25 GMT
sync
taboola-supply-partners.tremorhub.com/ Frame 6FE7 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7ZKcCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBvQHG0ajcSjDEYOxGmxGi8lyuVjMloPdYrEbDkHDaDQOZThiMFaDzWgxWQ5nk9lgs9gNF1OIMJbLZFALJCyz33cQNHwuN3ig6XT4XPd6ycv29JwejtfLbdeZ_Ra_XeN3--UAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxWFwlofF7_sHAMDDAwgAgAAGCUAB72kJwMdZxQkAAAAAAAAAAMv___9_zAC93oIMgMh7Tg_Agw_AA1HBahEjAAAAgGygS6KjSZ1QWVQBABCkWwFcAQAEAJYQh1KEAQAAAIixh0bn75HmCo4t0MPi95sddo3f7TIAAAAAAAAAALP_s380oSoP3LQgnPphtV9AAIC1X0AAALZxAwB4E4ALOQ80nQ6f614vedmentPD8Xq57Tqz3-K3a_xuv-gCYHUKsRvOBrvJYreYHQAAAMDd____Px57aHT-HmmuoB7IzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3B7-T6m88OXnTt-EsMx-30HQ8LkM4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzEYDHAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNESYmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznHhRMGBjL4KLdKIyOU1_y8Nn9lv8bsnL9vScHo7Xy20RSzQni3Qiu-x7M49nsDE5TLuZaeKw2FYbw8I4sU08pslwt9w4943JxGRZeSxr3Wq3WItmC8tauTHM1grjZDibLFYzj2XiFr0-pudqMdgsJ_7GbLRcDhaD4WjfmI2Wy8FiMBztO0ymZ-pzNrr-5pRHpnm5jtuGzWFQuAxG709iWky7s4Po9zs6bYZhsqgzCm_do9eg8Bw8pokyJdZZ-zJhMXlVOA4GRSwRnC7SidDvdlnEEsnTIp0oDKuRy7PbTGyThcc4Wjgmw9Vo4VgMR7OZb-ZZTcQSpekinegl6j82yGI3l43mitViLhuuEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_E3qAoMAAAAAAADsnhrAlphi_ekXN36MUSan6W95-Mx-i98tedmentPD8Xq5rQwg4SbKvNkzQazValkDAAAQYAMAAARw6-Yt0LSSAw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:6e00:7b23:6545:3513 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 6FE7 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7ZKcCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBvQHG0ajcSjDEYOxGmxGi8lyuVjMloPdYrEbDkHDaDQOZThiMFaDzWgxWQ5nk9lgs9gNF1OIMJbLZFALJCyz33cQNHwuN3ig6XT4XPd6ycv29JwejtfLbdeZ_Ra_XeN3--UAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxWFwlofF7_sHAMDDAwgAgAAGCUAB72kJwMdZxQkAAAAAAAAAAMv___9_zAC93oIMgMh7Tg_Agw_AA1HBahEjAAAAgGygS6KjSZ1QWVQBABCkWwFcAQAEAJYQh1KEAQAAAIixh0bn75HmCo4t0MPi95sddo3f7TIAAAAAAAAAALP_s380oSoP3LQgnPphtV9AAIC1X0AAALZxAwB4E4ALOQ80nQ6f614vedmentPD8Xq57Tqz3-K3a_xuv-gCYHUKsRvOBrvJYreYHQAAAMDd____Px57aHT-HmmuoB7IzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3B7-T6m88OXnTt-EsMx-30HQ8LkM4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzEYDHAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNESYmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznHhRMGBjL4KLdKIyOU1_y8Nn9lv8bsnL9vScHo7Xy20RSzQni3Qiu-x7M49nsDE5TLuZaeKw2FYbw8I4sU08pslwt9w4943JxGRZeSxr3Wq3WItmC8tauTHM1grjZDibLFYzj2XiFr0-pudqMdgsJ_7GbLRcDhaD4WjfmI2Wy8FiMBztO0ymZ-pzNrr-5pRHpnm5jtuGzWFQuAxG709iWky7s4Po9zs6bYZhsqgzCm_do9eg8Bw8pokyJdZZ-zJhMXlVOA4GRSwRnC7SidDvdlnEEsnTIp0oDKuRy7PbTGyThcc4Wjgmw9Vo4VgMR7OZb-ZZTcQSpekinegl6j82yGI3l43mitViLhuuEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_E3qAoMAAAAAAADsnhrAlphi_ekXN36MUSan6W95-Mx-i98tedmentPD8Xq5rQwg4SbKvNkzQazValkDAAAQYAMAAARw6-Yt0LSSAw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 6FE7
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=64f7e13e-bb95-11ec-9ac0-1189f5600506&orig=video&us_privacy=1---gdpr=1&
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=64f7e13e-bb95-11ec-9ac0-1189f5600506&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7ZKcCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBvQHG0ajcSjDEYOxGmxGi8lyuVjMloPdYrEbDkHDaDQOZThiMFaDzWgxWQ5nk9lgs9gNF1OIMJbLZFALJCyz33cQNHwuN3ig6XT4XPd6ycv29JwejtfLbdeZ_Ra_XeN3--UAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxWFwlofF7_sHAMDDAwgAgAAGCUAB72kJwMdZxQkAAAAAAAAAAMv___9_zAC93oIMgMh7Tg_Agw_AA1HBahEjAAAAgGygS6KjSZ1QWVQBABCkWwFcAQAEAJYQh1KEAQAAAIixh0bn75HmCo4t0MPi95sddo3f7TIAAAAAAAAAALP_s380oSoP3LQgnPphtV9AAIC1X0AAALZxAwB4E4ALOQ80nQ6f614vedmentPD8Xq57Tqz3-K3a_xuv-gCYHUKsRvOBrvJYreYHQAAAMDd____Px57aHT-HmmuoB7IzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3B7-T6m88OXnTt-EsMx-30HQ8LkM4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzEYDHAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNESYmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznHhRMGBjL4KLdKIyOU1_y8Nn9lv8bsnL9vScHo7Xy20RSzQni3Qiu-x7M49nsDE5TLuZaeKw2FYbw8I4sU08pslwt9w4943JxGRZeSxr3Wq3WItmC8tauTHM1grjZDibLFYzj2XiFr0-pudqMdgsJ_7GbLRcDhaD4WjfmI2Wy8FiMBztO0ymZ-pzNrr-5pRHpnm5jtuGzWFQuAxG709iWky7s4Po9zs6bYZhsqgzCm_do9eg8Bw8pokyJdZZ-zJhMXlVOA4GRSwRnC7SidDvdlnEEsnTIp0oDKuRy7PbTGyThcc4Wjgmw9Vo4VgMR7OZb-ZZTcQSpekinegl6j82yGI3l43mitViLhuuEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_E3qAoMAAAAAAADsnhrAlphi_ekXN36MUSan6W95-Mx-i98tedmentPD8Xq5rQwg4SbKvNkzQazValkDAAAQYAMAAARw6-Yt0LSSAw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18823

Redirect headers

Date
Thu, 14 Apr 2022 01:51:26 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=64f7e13e-bb95-11ec-9ac0-1189f5600506&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
66
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 6FE7 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7ZKcCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBvQHG0ajcSjDEYOxGmxGi8lyuVjMloPdYrEbDkHDaDQOZThiMFaDzWgxWQ5nk9lgs9gNF1OIMJbLZFALJCyz33cQNHwuN3ig6XT4XPd6ycv29JwejtfLbdeZ_Ra_XeN3--UAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxWFwlofF7_sHAMDDAwgAgAAGCUAB72kJwMdZxQkAAAAAAAAAAMv___9_zAC93oIMgMh7Tg_Agw_AA1HBahEjAAAAgGygS6KjSZ1QWVQBABCkWwFcAQAEAJYQh1KEAQAAAIixh0bn75HmCo4t0MPi95sddo3f7TIAAAAAAAAAALP_s380oSoP3LQgnPphtV9AAIC1X0AAALZxAwB4E4ALOQ80nQ6f614vedmentPD8Xq57Tqz3-K3a_xuv-gCYHUKsRvOBrvJYreYHQAAAMDd____Px57aHT-HmmuoB7IzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3B7-T6m88OXnTt-EsMx-30HQ8LkM4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzEYDHAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNESYmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznHhRMGBjL4KLdKIyOU1_y8Nn9lv8bsnL9vScHo7Xy20RSzQni3Qiu-x7M49nsDE5TLuZaeKw2FYbw8I4sU08pslwt9w4943JxGRZeSxr3Wq3WItmC8tauTHM1grjZDibLFYzj2XiFr0-pudqMdgsJ_7GbLRcDhaD4WjfmI2Wy8FiMBztO0ymZ-pzNrr-5pRHpnm5jtuGzWFQuAxG709iWky7s4Po9zs6bYZhsqgzCm_do9eg8Bw8pokyJdZZ-zJhMXlVOA4GRSwRnC7SidDvdlnEEsnTIp0oDKuRy7PbTGyThcc4Wjgmw9Vo4VgMR7OZb-ZZTcQSpekinegl6j82yGI3l43mitViLhuuEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_E3qAoMAAAAAAADsnhrAlphi_ekXN36MUSan6W95-Mx-i98tedmentPD8Xq5rQwg4SbKvNkzQazValkDAAAQYAMAAARw6-Yt0LSSAw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.19.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-19-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 6FE7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58534/occ
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-HkQM96pE2uEb2CP2v2EBLNVoQRONXBw1X8QuSWY-~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-HkQM96pE2uEb2CP2v2EBLNVoQRONXBw1X8QuSWY-~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7ZKcCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBvQHG0ajcSjDEYOxGmxGi8lyuVjMloPdYrEbDkHDaDQOZThiMFaDzWgxWQ5nk9lgs9gNF1OIMJbLZFALJCyz33cQNHwuN3ig6XT4XPd6ycv29JwejtfLbdeZ_Ra_XeN3--UAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxWFwlofF7_sHAMDDAwgAgAAGCUAB72kJwMdZxQkAAAAAAAAAAMv___9_zAC93oIMgMh7Tg_Agw_AA1HBahEjAAAAgGygS6KjSZ1QWVQBABCkWwFcAQAEAJYQh1KEAQAAAIixh0bn75HmCo4t0MPi95sddo3f7TIAAAAAAAAAALP_s380oSoP3LQgnPphtV9AAIC1X0AAALZxAwB4E4ALOQ80nQ6f614vedmentPD8Xq57Tqz3-K3a_xuv-gCYHUKsRvOBrvJYreYHQAAAMDd____Px57aHT-HmmuoB7IzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3B7-T6m88OXnTt-EsMx-30HQ8LkM4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzEYDHAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNESYmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznHhRMGBjL4KLdKIyOU1_y8Nn9lv8bsnL9vScHo7Xy20RSzQni3Qiu-x7M49nsDE5TLuZaeKw2FYbw8I4sU08pslwt9w4943JxGRZeSxr3Wq3WItmC8tauTHM1grjZDibLFYzj2XiFr0-pudqMdgsJ_7GbLRcDhaD4WjfmI2Wy8FiMBztO0ymZ-pzNrr-5pRHpnm5jtuGzWFQuAxG709iWky7s4Po9zs6bYZhsqgzCm_do9eg8Bw8pokyJdZZ-zJhMXlVOA4GRSwRnC7SidDvdlnEEsnTIp0oDKuRy7PbTGyThcc4Wjgmw9Vo4VgMR7OZb-ZZTcQSpekinegl6j82yGI3l43mitViLhuuEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_E3qAoMAAAAAAADsnhrAlphi_ekXN36MUSan6W95-Mx-i98tedmentPD8Xq5rQwg4SbKvNkzQazValkDAAAQYAMAAARw6-Yt0LSSAw!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15130

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-HkQM96pE2uEb2CP2v2EBLNVoQRONXBw1X8QuSWY-~A
date
Thu, 14 Apr 2022 01:51:25 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame BAB8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7ZKcCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBvQHG0ajcSjDEYOxGmxGi8lyuVjMloPdYrEbDkHDaDQOZThiMFaDzWgxWQ5nk9lgs9gNF1OIMJbLZFALJCyz33cQNHwuN3ig6XT4XPd6ycv29JwejtfLbdeZ_Ra_XeN3--UAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxWFwlofF7_sHAMDDAwgAgAAGCUAB72kJwMdZxQkAAAAAAAAAAMv___9_zAC93oIMgMh7Tg_Agw_AA1HBahEjAAAAgGygS6KjSZ1QWVQBABCkWwFcAQAEAJYQh1KEAQAAAIixh0bn75HmCo4t0MPi95sddo3f7TIAAAAAAAAAALP_s380oSoP3LQgnPphtV9AAIC1X0AAALZxAwB4E4ALOQ80nQ6f614vedmentPD8Xq57Tqz3-K3a_xuv-gCYHUKsRvOBrvJYreYHQAAAMDd____Px57aHT-HmmuoB7IzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3B7-T6m88OXnTt-EsMx-30HQ8LkM4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzEYDHAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNESYmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznHhRMGBjL4KLdKIyOU1_y8Nn9lv8bsnL9vScHo7Xy20RSzQni3Qiu-x7M49nsDE5TLuZaeKw2FYbw8I4sU08pslwt9w4943JxGRZeSxr3Wq3WItmC8tauTHM1grjZDibLFYzj2XiFr0-pudqMdgsJ_7GbLRcDhaD4WjfmI2Wy8FiMBztO0ymZ-pzNrr-5pRHpnm5jtuGzWFQuAxG709iWky7s4Po9zs6bYZhsqgzCm_do9eg8Bw8pokyJdZZ-zJhMXlVOA4GRSwRnC7SidDvdlnEEsnTIp0oDKuRy7PbTGyThcc4Wjgmw9Vo4VgMR7OZb-ZZTcQSpekinegl6j82yGI3l43mitViLhuuEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_E3qAoMAAAAAAADsnhrAlphi_ekXN36MUSan6W95-Mx-i98tedmentPD8Xq5rQwg4SbKvNkzQazValkDAAAQYAMAAARw6-Yt0LSSAw!&cmcv=&pix=undefined&cb=1649901087292&uv=3158&tms=1649901087292&abt=adh5c-1_vA!eidc_vB!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mtbw_vB!Noapp22_vB!pblc_vE!spa2_vB!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=FFFC28DA1503412991169071178&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame BAB8 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7ZKcCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBvQHG0ajcSjDEYOxGmxGi8lyuVjMloPdYrEbDkHDaDQOZThiMFaDzWgxWQ5nk9lgs9gNF1OIMJbLZFALJCyz33cQNHwuN3ig6XT4XPd6ycv29JwejtfLbdeZ_Ra_XeN3--UAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxWFwlofF7_sHAMDDAwgAgAAGCUAB72kJwMdZxQkAAAAAAAAAAMv___9_zAC93oIMgMh7Tg_Agw_AA1HBahEjAAAAgGygS6KjSZ1QWVQBABCkWwFcAQAEAJYQh1KEAQAAAIixh0bn75HmCo4t0MPi95sddo3f7TIAAAAAAAAAALP_s380oSoP3LQgnPphtV9AAIC1X0AAALZxAwB4E4ALOQ80nQ6f614vedmentPD8Xq57Tqz3-K3a_xuv-gCYHUKsRvOBrvJYreYHQAAAMDd____Px57aHT-HmmuoB7IzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3B7-T6m88OXnTt-EsMx-30HQ8LkM4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzEYDHAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNESYmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznHhRMGBjL4KLdKIyOU1_y8Nn9lv8bsnL9vScHo7Xy20RSzQni3Qiu-x7M49nsDE5TLuZaeKw2FYbw8I4sU08pslwt9w4943JxGRZeSxr3Wq3WItmC8tauTHM1grjZDibLFYzj2XiFr0-pudqMdgsJ_7GbLRcDhaD4WjfmI2Wy8FiMBztO0ymZ-pzNrr-5pRHpnm5jtuGzWFQuAxG709iWky7s4Po9zs6bYZhsqgzCm_do9eg8Bw8pokyJdZZ-zJhMXlVOA4GRSwRnC7SidDvdlnEEsnTIp0oDKuRy7PbTGyThcc4Wjgmw9Vo4VgMR7OZb-ZZTcQSpekinegl6j82yGI3l43mitViLhuuEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_E3qAoMAAAAAAADsnhrAlphi_ekXN36MUSan6W95-Mx-i98tedmentPD8Xq5rQwg4SbKvNkzQazValkDAAAQYAMAAARw6-Yt0LSSAw!&cmcv=&pix=undefined&cb=1649901087292&uv=3158&tms=1649901087292&abt=adh5c-1_vA!eidc_vB!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mtbw_vB!Noapp22_vB!pblc_vE!spa2_vB!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=FFFC28DA1503412991169071178&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:6e00:7b23:6545:3513 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame BAB8
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=64f7e13e-bb95-11ec-9ac0-1189f5600506&orig=video&us_privacy=1---gdpr=1&
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=64f7e13e-bb95-11ec-9ac0-1189f5600506&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7ZKcCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBvQHG0ajcSjDEYOxGmxGi8lyuVjMloPdYrEbDkHDaDQOZThiMFaDzWgxWQ5nk9lgs9gNF1OIMJbLZFALJCyz33cQNHwuN3ig6XT4XPd6ycv29JwejtfLbdeZ_Ra_XeN3--UAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxWFwlofF7_sHAMDDAwgAgAAGCUAB72kJwMdZxQkAAAAAAAAAAMv___9_zAC93oIMgMh7Tg_Agw_AA1HBahEjAAAAgGygS6KjSZ1QWVQBABCkWwFcAQAEAJYQh1KEAQAAAIixh0bn75HmCo4t0MPi95sddo3f7TIAAAAAAAAAALP_s380oSoP3LQgnPphtV9AAIC1X0AAALZxAwB4E4ALOQ80nQ6f614vedmentPD8Xq57Tqz3-K3a_xuv-gCYHUKsRvOBrvJYreYHQAAAMDd____Px57aHT-HmmuoB7IzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3B7-T6m88OXnTt-EsMx-30HQ8LkM4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzEYDHAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNESYmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznHhRMGBjL4KLdKIyOU1_y8Nn9lv8bsnL9vScHo7Xy20RSzQni3Qiu-x7M49nsDE5TLuZaeKw2FYbw8I4sU08pslwt9w4943JxGRZeSxr3Wq3WItmC8tauTHM1grjZDibLFYzj2XiFr0-pudqMdgsJ_7GbLRcDhaD4WjfmI2Wy8FiMBztO0ymZ-pzNrr-5pRHpnm5jtuGzWFQuAxG709iWky7s4Po9zs6bYZhsqgzCm_do9eg8Bw8pokyJdZZ-zJhMXlVOA4GRSwRnC7SidDvdlnEEsnTIp0oDKuRy7PbTGyThcc4Wjgmw9Vo4VgMR7OZb-ZZTcQSpekinegl6j82yGI3l43mitViLhuuEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_E3qAoMAAAAAAADsnhrAlphi_ekXN36MUSan6W95-Mx-i98tedmentPD8Xq5rQwg4SbKvNkzQazValkDAAAQYAMAAARw6-Yt0LSSAw!&cmcv=&pix=undefined&cb=1649901087292&uv=3158&tms=1649901087292&abt=adh5c-1_vA!eidc_vB!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mtbw_vB!Noapp22_vB!pblc_vE!spa2_vB!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=FFFC28DA1503412991169071178&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
19736

Redirect headers

Date
Thu, 14 Apr 2022 01:51:26 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=64f7e13e-bb95-11ec-9ac0-1189f5600506&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
115
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame BAB8 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7ZKcCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBvQHG0ajcSjDEYOxGmxGi8lyuVjMloPdYrEbDkHDaDQOZThiMFaDzWgxWQ5nk9lgs9gNF1OIMJbLZFALJCyz33cQNHwuN3ig6XT4XPd6ycv29JwejtfLbdeZ_Ra_XeN3--UAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxWFwlofF7_sHAMDDAwgAgAAGCUAB72kJwMdZxQkAAAAAAAAAAMv___9_zAC93oIMgMh7Tg_Agw_AA1HBahEjAAAAgGygS6KjSZ1QWVQBABCkWwFcAQAEAJYQh1KEAQAAAIixh0bn75HmCo4t0MPi95sddo3f7TIAAAAAAAAAALP_s380oSoP3LQgnPphtV9AAIC1X0AAALZxAwB4E4ALOQ80nQ6f614vedmentPD8Xq57Tqz3-K3a_xuv-gCYHUKsRvOBrvJYreYHQAAAMDd____Px57aHT-HmmuoB7IzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3B7-T6m88OXnTt-EsMx-30HQ8LkM4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzEYDHAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNESYmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznHhRMGBjL4KLdKIyOU1_y8Nn9lv8bsnL9vScHo7Xy20RSzQni3Qiu-x7M49nsDE5TLuZaeKw2FYbw8I4sU08pslwt9w4943JxGRZeSxr3Wq3WItmC8tauTHM1grjZDibLFYzj2XiFr0-pudqMdgsJ_7GbLRcDhaD4WjfmI2Wy8FiMBztO0ymZ-pzNrr-5pRHpnm5jtuGzWFQuAxG709iWky7s4Po9zs6bYZhsqgzCm_do9eg8Bw8pokyJdZZ-zJhMXlVOA4GRSwRnC7SidDvdlnEEsnTIp0oDKuRy7PbTGyThcc4Wjgmw9Vo4VgMR7OZb-ZZTcQSpekinegl6j82yGI3l43mitViLhuuEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_E3qAoMAAAAAAADsnhrAlphi_ekXN36MUSan6W95-Mx-i98tedmentPD8Xq5rQwg4SbKvNkzQazValkDAAAQYAMAAARw6-Yt0LSSAw!&cmcv=&pix=undefined&cb=1649901087292&uv=3158&tms=1649901087292&abt=adh5c-1_vA!eidc_vB!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mtbw_vB!Noapp22_vB!pblc_vE!spa2_vB!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=FFFC28DA1503412991169071178&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.19.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-19-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
t
t.lkqd.net/ Frame ED86 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:26 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://revistaquem.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://revistaquem.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:25 GMT
server
nginx
view
securepubads.g.doubleclick.net/pcs/ Frame 5CF3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssb9agaF0STEbD9Yz0k-J5R6sbi88cvNmylPQeckcMVefKRR821gHsHtA82ymJuZJ9yEgD9yCklCzyyKpfgUr7BLi01eyrVLY3tu_5Rl9_kQqkcsL86wdv9baMCcBQ7w8fY67NRDVCE6XqxseG-f4-Bx2XhDq_4km6EasEODE_ys5b45_BGZ-e3kcaXHFJG3NMUyfGtwxX5NtfLk2wEQBbbJVvbhjUpWDGjaxi__iRbkVyBw50q6wXWM-BAEGKOad8vo2VLYedgq5UzWeExv6-DBYqPDxaios3Zhg5KLnilp1N-CSFg5DgxqWHk2IYtc9JExCqx5a5-i3S6GT7MX3CYZjKkA2VVTDBg5QnI&sig=Cg0ArKJSzCEhITAn81ECEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
render_post_ads_v1.html
googleads.g.doubleclick.net/pagead/ Frame 1527 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21555
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
4980
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Apr 2022 19:52:10 GMT
etag
12223946614886178233
expires
Thu, 14 Apr 2022 19:52:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
xbfe_backfill.js
googleads.g.doubleclick.net/pagead/ Frame 5CF3 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd97a5bac90d9e2f62d8ef7ff715c53c56312bcb2ddde01e3454485ba317df37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:50:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4875
x-xss-protection
0
server
cafe
etag
7698967424627035244
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 02:50:26 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 5CF3 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29216
Expires
Fri, 14 Apr 2023 01:51:26 GMT
it
fra1-ib.adnxs.com/ Frame 5CF3 		0
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Frevistaquem.globo.com%252F&e=wqT_3QKNBvBMDQMAAAMA1gAFAQid_N2SBhCCtYWE3qjFnzQY-MTAjN7IqfVqKjYJz_QSY5l-xz8RDPfb6K3Lwj8ZAAAAoHA99j8hDPfb6K3Lwj8pz_QJJNAxAAAAgOtRyD8wnunICjjWREDlHkhlUKGf6SRYzoGVAWAAaImUsAF4utkFgAEBigEDVVNEkgUG9BMCmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAovkReoCHmh0dHBzOi8vcmV2aXN0YXF1ZW0uZ2xvYm8uY29tL4ADAIgDAZADAJgDF6ADAaoD6gEKvwFodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9nZW5fMjA0P2lkPWF3YmlkJmF3YmlkX2I9QUtBbWYtQU0ta1Y1d2VObXJrdFVsX3hna0dudWhNWFVzMENmYWtJWUVVMjkzckozclN5ZEdLOTgycF96X0JRNERrUXJrOFhLWGxnTjkweWdoRm9XdjhKNkJhZmFObHhwNncmcHI9MTA6JHtBVUNUSU9OX1BSSUNFfRoTMzc2NDc1MTIwMzM2ODUyNDQxOCIINzcyMjE3OTMqBDM5NDE6ATDAA6wCyAMA2AP7oU3gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS42OKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAEoZ_pJIgFAZgFAKAF5KSS2d2QiIMDwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF1cMs-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAAAAAAAAlAoBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDEzMzA1MTc0MDE3NLoHDwgAASlEIAAwADi-BkAAyAe62QXSBw0JCUUAAAVHCNoHBgknROAHAOoHAggA8AfDmwGKCAIQAA..&s=89524257ba7873309ffcf47b9959f0a095afa645
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:25 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
bf57cf40-6898-48ca-9fde-2b66d24c5554
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CF3 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-Dox1URIqMlLCLUc1HbzVsGiQIcavYPvxL_riD_RH8wCvyWTjPjK9-ZWvYyr7fcKl3KnsCFGWPiW710LE2som5lyGYP5g
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5CF3 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36908
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649677559247379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 01:51:25 GMT
wt
t.pubmatic.com/ Frame 37CB 		17 B
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.pubmatic.com/wt?pubid=157163&purl=https%3A%2F%2Frevistaquem.globo.com%2F&tst=1649901087&iid=b1a99d4b-dd10-44c9-9087-0c28e85295ce-nefde&bidid=862756197df8ae&pid=4986&pdvid=3&slot=%2F138871148%2Frevistaquem.globo.com.dw.300x250.inter&au=%2F138871148%2C85042905%2Frevistaquem.globo.com.dw.300x250.inter&bc=appnexus&pn=appnexus&en=0.15&eg=0.15&kgpv=revistaquem.globo.com.dw.300x250.inter(%24%7C.refresh%24)%40.*%40300x250&piid=
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 14 Apr 2022 01:51:26 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
content-length
17
content-type
text/plain; charset=utf-8
cs
cs.lkqd.net/ Frame 3807
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=23d61c55-3801-422a-89df-cf38add6a977
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=23d61c55-3801-422a-89df-cf38add6a977
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=23d61c55-3801-422a-89df-cf38add6a977
date
Thu, 14 Apr 2022 01:51:25 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 3807 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 3807 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 3807
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7896357961865025998
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7896357961865025998
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7896357961865025998
pragma
no-cache
date
Thu, 14 Apr 2022 01:51:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 3807
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=pQHog5hZRXJyywhxFGiggdlAl0Q
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=pQHog5hZRXJyywhxFGiggdlAl0Q
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=pQHog5hZRXJyywhxFGiggdlAl0Q
Date
Thu, 14 Apr 2022 01:51:25 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
view
securepubads.g.doubleclick.net/pcs/ Frame 7246 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzrO9osRffs8rDIUlb7-K_3xXTQnfjojD_b8MshCHStAc257ijNUhylJBb-FV3FXsmKdu5G6o7I5bQIGbdy8vZxZRYqQnbs3tsxe7yFPHTS03fkVZHfzOg0HbWLrMWpQq-q-IulK7FCls9LNE0NPAwVNbdBWYOvb3mrwjKTiQxHDjqKajrv_SgS51qsotKtPRPetDRSetMNuwxarYYeQcJ8yosPpSh_0CQ4ypc8iMYFsZOJnC1vNxd-wX8npFQeUop9wPs4Xe8403jBS2Vuz88wX-rmnUTeNqc5PZRRL4zLCEkd8ciISKtxnZgDjT8VpdSJW5WA6KzzXm_39ezDfmmzz_EEYEVDBi6jd4&sig=Cg0ArKJSzPAEUpjtvoVUEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
render_post_ads_v1.html
googleads.g.doubleclick.net/pagead/ Frame 4D3C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21555
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
4980
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Apr 2022 19:52:10 GMT
etag
12223946614886178233
expires
Thu, 14 Apr 2022 19:52:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
xbfe_backfill.js
googleads.g.doubleclick.net/pagead/ Frame 7246 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd97a5bac90d9e2f62d8ef7ff715c53c56312bcb2ddde01e3454485ba317df37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:50:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4875
x-xss-protection
0
server
cafe
etag
7698967424627035244
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 02:50:26 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 7246 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29216
Expires
Fri, 14 Apr 2023 01:51:26 GMT
it
fra1-ib.adnxs.com/ Frame 7246 		0
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Frevistaquem.globo.com%252F&e=wqT_3QKNBvBMDQMAAAMA1gAFAQid_N2SBhCmuciigOr43UkY-MTAjN7IqfVqKjYJHEKVmj3Qwj8RxmmIKvwZvj8ZAAAAoHA99j8hxmmIKvwZvj8pHEIJJNAxAAAAgOtRyD8wnunICjjWREDlHkhlUKGf6SRYzoGVAWAAaImUsAF42dYFgAEBigEDVVNEkgUG9BMCmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAovkReoCHmh0dHBzOi8vcmV2aXN0YXF1ZW0uZ2xvYm8uY29tL4ADAIgDAZADAJgDF6ADAaoD6gEKvwFodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9nZW5fMjA0P2lkPWF3YmlkJmF3YmlkX2I9QUtBbWYtQTJCVWRqQXFyT1F1Y3BFcHlkRnJSSzhCc2IwdmZycXBDLUZBM1VPNjF4dDJsT240UjZLUERTNFBqLUdNX1Zzc052YkRUWHVBYjlZOUdYSXJsREVoeVVIbm93M2cmcHI9MTA6JHtBVUNUSU9OX1BSSUNFfRoTNTMxMzA5MDExODIyMzAxMDk4MiIINzcyMjE3OTMqBDM5NDE6ATDAA6wCyAMA2AP7oU3gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS42OKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAEoZ_pJIgFAZgFAKAFjsabpbWA7cotwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF1cMs-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAAAAAAAAlAoBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDEzMzA1MTc0MDE3NLoHDwgAASlEIAAwADi-BkAAyAfZ1gXSBw0JCUUAAAVHCNoHBgknROAHAOoHAggA8AfDmwGKCAIQAA..&s=f4fc564d531c064ec66407a8619f8103cf1c66ac
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:25 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fffe994e-d081-4b38-89f5-bd0a89f61407
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7246 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-A0KXCAuTsJ_w-u6PqpNIcCfXsqk21ndc5wFE3PTMaw1Go_FfXKVpQF36y7bMN94P5jLG-VdlR9HnrUM86vZ1bOdQcPkw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7246 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36908
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649677559247379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 01:51:25 GMT
wt
t.pubmatic.com/ Frame AC7B 		17 B
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.pubmatic.com/wt?pubid=157163&purl=https%3A%2F%2Frevistaquem.globo.com%2F&tst=1649901087&iid=da37adee-5919-4e52-bf51-e466cdff781e-idfid&bidid=8a68342b70e3dd&pid=4986&pdvid=3&slot=%2F138871148%2Frevistaquem.globo.com.dw.300x250.inter&au=%2F138871148%2C85042905%2Frevistaquem.globo.com.dw.300x250.inter&bc=appnexus&pn=appnexus&en=0.12&eg=0.12&kgpv=revistaquem.globo.com.dw.300x250.inter(%24%7C.refresh%24)%40.*%40300x250&piid=
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 14 Apr 2022 01:51:26 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
content-length
17
content-type
text/plain; charset=utf-8
view
securepubads.g.doubleclick.net/pcs/ Frame 7D4D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcPBs2gqPoqcuKEB4cK9Z7jDOZZNVSUEwMox9vfMZNuYnWbSuN6lanN4qnwvnoVBJRzKYLL2KuAStea5448-NBurJo2EU9l-kI0urXGXkN9vR-W8V8CBprw2YSPqPls_Ez9cbmgC5gz_-Tx5Cb0Gq8Yu_eqPBqcZiZ7Clz70VK-tBSx0nlLsBLo-P_X2Wv0J4s1MA2AlDkX_qsdy6dJunA5G-37zyeAeF47XKnKABmHYKEOq3tUsrtn-Wiz0wuWjZIPdN1vE6lB0Kz9masvvkU57rbl9mYgT2NnPzCFz7F-t8Dk4JsnivpxFtvbcYo2A&sig=Cg0ArKJSzNyUImhzjrwgEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 14 Apr 2022 01:51:26 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0D34 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrBu8GvkzDOp0IC1DnBRggWEX0pu8Yo7NlfEJL3ee6a1j9_LTwz7N9m2RijCyJUtcW0yvURx7ls44dn9dC3NQ-mEkwVT37iJV1i1q6Ev5zqEPnq3jVwonw59nhNBV6jHjuVkgdpydVsaQkJPoyDZ0Td860RI50F7cnTdjHShLzY982nhbCMYGNxQMcGlVTlah5yWZLJMYjZw_CvNNY3Q3mzxJSrT-i5HYAckyMWLscKjbsM550obSbXIKG8RZj1eW4Rz056nK1X4JeZRzpR8ThHeVFDsyDriS0fTS-JWRfSBFZoSMBxO2N3BQh9gn4Xw&sig=Cg0ArKJSzLHLsUAEfiREEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 14 Apr 2022 01:51:26 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3449 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 01:51:26 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 12D8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8790&pub_id=1980867
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 14 Apr 2022 01:51:26 GMT
ETag
"623de86a-cf34"
Expires
Fri, 15 Apr 2022 01:51:28 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rd_log
fra1-ib.adnxs.com/ Frame 5CF3 		0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Frevistaquem.globo.com%2F&e=wqT_3QKZL_BMmRcAAAMA1gAFAQid_N2SBhCCtYWE3qjFnzQY-MTAjN7IqfVqKjYJz_QSY5l-xz8RDPfb6K3Lwj8ZAAAAoHA99j8hDPfb6K3Lwj8pz_QJJNAxAAAAgOtRyD8wnunICjjWREDlHkhlUKGf6SRYzoGVAWAAaImUsAF4utkFgAEBigEDVVNEkgUG9HUBmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAovkReoCHmh0dHBzOi8vcmV2aXN0YXF1ZW0uZ2xvYm8uY29tL_ICDQoGSEVJR0hUEgMyNTDyAgwKBVdJRFRIEgMzMDDyAiEKBkxPQURFUhIXcmVuZGVyX3Bvc3RfYWRzX3YxLmh0bWzyAhgKCklGUkFNRV9LRVkSCjEwNTc0OTM1ODbyAr8VCgtQUkVfU0NSSVBUUxKvFTxzY3JpcHQ-KGZ1bmN0aW9uKCl7LyoKCiBDb3B5cmlnaHQgVGhlIENsb3N1cmUgTGlicmFyeSBBdXRob3JzLgogU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjAKKi8KdmFyIGg9dGhpc3x8c2VsZjt2YXIgaz1BcnJheS5wcm90b3R5cGUuaW5kZXhPZj9mdW5jdGlvbihhLGMpe3JldHVybiBBcnJheS5wcm90b3QdLVQuY2FsbChhLGMsdm9pZCAwKX06ZnVuCc0AYQE_cGlmKCJzdHJpbmciPT09dHlwZW9mIGEpcmV0dXJuERoAIRUawGN8fDEhPWMubGVuZ3RoPy0xOmEuaW5kZXhPZihjLDApO2Zvcih2YXIgZD0wO2Q8YS4JKVw7ZCsrKWlmKGQgaW4gYSYmYVtkXT09PWMNaAggZDsJcRwtMX07LyoKCp46ARHMOCBsKGEpe2xbIiAiXShhKQ1OCCBhfQkTAD0RKBAoKXt9OxENBCBuATUEYT0pGjg9PT1hP2RvY3VtZW50OmEVQyQuY3JlYXRlRWxlARkYKCJpbWciKR1FAHAhSHQsZCl7YS5nb29nbGVfaW1hZ2VfcmVxdWVzdHN8fChaGgAQPVtdKTshLBRiPW4oYS4RfAQpOyEpBCl7ARoAZS66ABkXBGY9WlMAPCxnPWsoZixiKTswPD1nJiY-FgIUc3BsaWNlSRV0ZixnLDEpfWIucmVtb3ZlRXZlbnRMaXN0ZW5lciYmUhcANCgibG9hZCIsZSwhMSk7UiMAYjoAEGVycm9yDTsYfTtiLmFkZEJzAD4UAD5wAD4gAAFtPhQAACg2agAcYi5zcmM9YztaMQEYLnB1c2goYi7RAQRxKCl8BGE9MZI0LmN1cnJlbnRTY3JpcHRNGgAoMjkCLG51bGw6YSkmJiI3N2FJbGEuZ2V0QXR0cmlidXRlKCJkYXRhLWpjIik_YToVVzxxdWVyeVNlbGVjdG9yKCdbDSUAPQFEDF0nKX1FHSxyPVJlZ0V4cCgiXmihINg_Oi8vKFxcd3wtKStcXC5jZG5cXC5hbXBwcm9qZWN0XFwuKG5ldHxvcmcpKFxcP3wvfCQpIik7eSsAdBXgAGgFYQxjPVtdBQkEZD0Bxgw7ZG97QXsYYj1hO3RyeQUMAGVBkxhlPSEhYiYmASRQIT1iLmxvY2F0aW9uLmhyZWYpYjp7AS2QbChiLmZvbyk7ZT0hMDticmVhayBifWNhdGNoKG0pe31lPSExfQFeCGY9ZRkXAGYBFgxpZihmKXkAZz5eAAw7ZD1idR8h9DVCJHJlZmVycmVyfHwBlyR9ZWxzZSBnPWQsDcsAYynfMG5ldyB1KGd8fCIiKSkF1RRhPWIucGEh1BmGAGEF_0x9fXdoaWxlKGEmJmIhPWEpO2I9MIXVAGGV9nQtMTtiPD1hOysrYiljW2JdLmRlcHRoPWEtYjtiPWghKzkeAa41KjhhbmNlc3Rvck9yaWdpbnNuHACtYQA9HXUAKaFbFGE9MTthPLGATDsrK2EpZz1jW2FdLGcudXJsfHwoBQguQgE6dgAUW2EtCjFdIQwYLGcuaD0hMAHjKSIAaBmrIdVl5QBnJRYlAgRkPTIEARwwPD1kOy0tZKHYSGY9Y1tkXSwhZyYmci50ZXN0KGYBjyApJiYoZz1mKSwFDiwmJiFmLmgpe2I9ZjtFGwB9DV0AZBXmBCYmAcwBOwQ7MEFlJVoIJiZkBUgBGwgpO2MFrRB2KGIsZ7XoFGMuZz9jLgX6DDpjLmkBQAB9teYAdqGhHCl7dGhpcy5pQdUBCQhnPWMZIgB1HSIIdXJsESQUaD0hIWM7BS8FiCUKvfoAd3VJFHQoKSxjPfkKPCI_Iik7c2V0VGltZW91dCgRjA0xAGTZcxhkPy4wMTpkQTVEIShNYXRoLnJhbmRvbSgpPmQpaQ8MYj1xKCGkACJl_zQ6Ly8iKyhiJiYidHJ1ZYFrAGJWawQ4LXJjZCIpPyJwYWdlYWQyzZ0Qc3luZGlpuSAtY24uY29tIjpmIwAFIAwpKyIvCUV4L2dlbl8yMDQ_aWQ9amNhJmpjPTc3JnZlcnNpb249IoVFDGU9KGUBsQwpJiZlWpkADTEwIil8fCJ1bmtub3duImHjXCtlKyImc2FtcGxlPSIrZDtiPXdpbmRvdwVYAGY5NBRmPyExOmYhMzRlPWIubmF2aWdhdG9yKTIOAFAudXNlckFnZW50LGU9L0Nocm9tZS9JmyBlKSYmIS9FZGcZERw_ITA6ITE7ZWGTFVEwLnNlbmRCZWFjb24_Ch1pHRgkKGQpOnAoYixkLCJFCAmeCCl9fQ4OCRbWCCggMDw9Yz9hLnN1YhZrCRwoMCxjKTphfQngDC5yZmwu6AcNNWhlbmNvZGVVUklDb21wb25lbnQodygpKX07fSnpwUGaFCk7Cjwvc8WYbD7yAskCCgpFWFRSQV9UQUdTEroCPGRpdiBzdHkhUgxwb3NpobFkOiBhYnNvbHV0ZTsgbGVmdDogMHB4OyB0b3ANCmR2aXNpYmlsaXR5OiBoaWRkZW47Ij48aW1nIOFLVYdJFEpZAkE2DR4uMgIUYXdiaWQmBQbwhl9iPUFLQW1mLURveDFVUklxTWxMQ0xVYzFIYnpWc0dpUUljYXZZUHZ4TF9yaURfUkg4d0N2eVdUalBqSzktWld2WXlyN2ZjS2wzS25zQ0ZHV1BpVzcxMExFMnNvbTVseUdZUDVnIiBib3JkZXI9MCB3aWR0aD0xIGhlaWdodD0xIGFsdD0iIjEaqGRpc3BsYXk6bm9uZSI-PC9kaXY-8gKaAQoMUE9TVF9TQ1JJUFRTEokBPHMlajYIARb2CVBhZHMuZy5kb3VibGVjbGljay5uZXQxBjx4YmZlX2JhY2tmaWxsLmpzAWUttQ1TAD6dJBwge3IzcHgoJyadDBwnKTt9KSgpOz3rEOcQChBIAZ40UE9SVF9QQVJBTVMS0hCRJIqVAPB5YWRmZXRjaD9hZGs9NzU5NDU0Njc4JmFkc2FmZT1tZWRpdW0mY2xpZW50PWNhLXB1Yi0zMDc2ODkwMDEyNzQxNDY3JmZvcm1hdD0zMDB4MjUwX2FzJmlwPTIxNy42NC4xNTEuNjgmb3V0cHV0PWh0bWwmdW52aWV3ZWQOmA1FiyBfc3RhcnQ9MSahdhG7AHJS_g0UJnN1Yl9jCY8AYkGV9LAIci01NjA2Mzg3JmhsPWRlJmFjZWlkPU1Ld2F0QUIyRzdRQWpodTBBRHJVNWdENVZUUUJMMk0wQWJGck5BSEliRFFCNUc0MEFZSndOQUd5Y0RRQnlISTBBVFJ6TkFHcGN6UUJFSFUwQVNoMU5BRjFkVFFCeDNVMEFVeDJOQUZRZGpRQlgzWTBBVzUyTkFGdmRqUUJmSFkwQVgxMk5BR1FkalFCbm5ZMEFhTjJOQUcxZGpRQnRuWTBBYnQyTkFHOWRqUUJ5blkwQWRKMk5BSFpkalFCNEhZMEFlUjJOQUVFZHpRQkJYYzBBUVozTkFFVmR6UUJHbmMwQWFoc1FRRkxjMEVCVTNOQkFYd0QyZ0VmaEFjQ19mY2VBa01kWEFJbEhsd0NPeDVjQWlkQ3FnSW9RcW9DS1VLcUFodFJxZ0pJY3FvQ19uaXFBcGw2cWdKNGhhb0NwNHFxQW9DYnFnS0JtNm9DZ3B1cUFxS29xZ0lycktvQ29MT3FBaU8wcWdMVHdxb0NKc2VxQXNfSHFnTGUwcW9DdnRhcUFwRFpxZ0xjMnFvQ3Q5eXFBc0hlcWdLTDM2b0NwdU9xQWh6bHFnS2c1YW9DWHVtcUFoYnFxZ0ktNnFvQ1VPdXFBaUhzcWdKVjdLb0NYdTZxQWkzd3FnSUc4YW9Dd1BHcUFybnlxZ0ppODZvQ1d2U3FBcV8wcWdKdjlhb0NpUFdxQXZmMXFnSmQ5cW9Da3ZhcUFrTDRxZ0twLWFvQ0pmdXFBa0g3cWdLYi02b0NCX3lxQWxmOHFnS0tfS29DSHYycUFrcjlxZ0pkX2FvQ2h2MnFBcjc5cWdKVl9xb0NZUDZxQW9MLXFnSV9fNm9DU1AtcUFuVF9xZ0ozXzZvQzlQLXFBdUVBcXdMX0FLc0NCQUdyQWc0QnF3SXJBcXNDVGdLckFsMENxd0twQXFzQ3ZBS3JBcjRDcXdKSUE2c0NxUVdyQXV5bFVBT2FPdm9EcTdMRkJmQkMzQWxFYjZZUGVmZC1Fcy1ULXhJM2xmc1NJY1g3RW5ETS14Sl8yZnNTMXVIN0V2bmwteEloN1BzU2EtMzdFclh1LXhJYTdfc1MyZkg3RWtyeS14S2I4dnNTMlBQN0VnYjAteEtjOWZzU3BmYjdFb3YzLXhMY3h3d1YtRlpyR2xUTS0wSSZleGs9MTA1NzQ5MzU4NiZhd2JpZF9jPUFLQW1mLUNQY3hSX1o2RVdDU3ZQRmx4VnBwaUNjRmhQOWt5Vmpsd2hXU3I4RXdLSTNaWk9TMVFYT0tVc2VBa0lWWlI5djhQQXVxVHBkYmJhald2a1Nwa1RoWnQ2UnVrbkk2WnJPRG5wNlJtSXpybF9aaGQyNExOLS15dEQ1NU1sTTVWRnNnZG9aRnFJYkFpUDE0a0JuMElrT0Z6YWJ0cFRKZUdCbUdTSVM5N1lEZjBYVER6ZkNCNCZhd2JpZF9kPUFLQW1mLUFjOEM5MUtsSURmdTAxSmZMLTFTdVBrTDhuQ0szSFZYMWdhMGh2UWluTUhxOWtzUmtCV3ZJWUJXUFlxelNpTkdnSlBnUkVGRUtnTTdURTJxa2JoR1U3Y0RuMjREaWRDZWlYYUp2RHNQMDE4UTd4SGdjdldxWko3RHVEbzh1OXhYV25VTU15YkpVcUhYNjdncDJEQ2loWS11dU9yYW9TWEFGXzhpNkktaElBQjNKX3FiVmJWTUNPcnlVUDAwX0NxbURTeEhJdzNvTlVHNWtOcm4ya3pwR3liVDFUTEUxVzQ0a00wSHhGaVpKdXJ5NTVoemRpbVNJRTVlV3QtUTR3TW93cVhZVklJTm9tR0M4YjFFZVl6eWEzOS1zV3BDb3BoOU1aZUpVWFcyeXBfRUZoaHZESUMxNXhldDZWYk45MHI1X24xTkZ0YjhIUDZSY1B2RVZUZnR6YnZJc1c3UlhXQWhXelROSXd0SUJiazE3LU15UHlPc3d6Q2FmZEU1bXpSOU5vVk5nMUtUMnN4VEZvUElpdkg3S3VQMldCU3plQldsdGpOR201UlhoaFJ3U05PaHRpV0h3Q25MSFZOdWh4Rm52enQ1bzlCWkcwdVBFV2hCcUJvVS1NTE1Bd3NuTnJiNW5jRlVpNTBxOXR4bGtmOERGbXBodmdJZWJvY21JY3VFNVd4T3d3cGhzdVFzNHQ2X1hCWkZWQWdVQ0wyOHNVS0FGd1JTMF92RENsVG9QUThlOXk2LU5ZNHFNRUdfS2tkODYxU2hUMTBpOGFDcEMxWDQyb241dnpub3RwX0lQSWdQVWpvMDM5dE45eEVBUnBYNW9OcU9rMFFNYkNXQ01LNW1UWmo4WkpjczdWOHlWaTc3NjhKY1h5cjR2OFZKME5FNFRiT0hMV0tRNnl5TE9sS1pTVjZXc2I1dWVBM1RMWGVoRl9ZZUFHM00wdGNvTnE3V0E4TVVUNDM0TE5ycS0zbkJ1UXVkeVhOa0p4TDdlUThHSURqT0c2RHRxOC05ZUFrZFpLZzlhRCZjaWQ9Q0FBU0JPUm9ZSDgmYV9jaWQ9gAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD-6FN4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTIxNy42NC4xNTEuNjioBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKGf6SSIBQGYBQCgBeSkktndkIiDA8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBdXDLPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbujwHaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxMzMwNTE3NDAxNzS6Bw8IABAAGAAgADAAOL4GQADIB7rZBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHw5sBiggCEAA.&s=4fc8f1934714931b839d1dd146e9bc86fc23e458&bdref=https%3A%2F%2Frevistaquem.globo.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Frevistaquem.globo.com%2F,https%3A%2F%2Frevistaquem.globo.com%2F,https%3A%2F%2Frevistaquem.globo.com%2F&
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:26 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
63b85cd7-b9b1-4b53-8f46-93d1378e7fbc
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bulk
trc.taboola.com/editoraglobo-revistaquem/log/3/ 		0
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/editoraglobo-revistaquem/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=3
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220413-5-RELEASE.es5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 14 Apr 2022 01:51:26 GMT
via
1.1 varnish
server
nginx
x-timer
S1649901086.068529,VS0,VE9
x-served-by
cache-hhn4039-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2BA7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8790&pub_id=1980867
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 14 Apr 2022 01:51:26 GMT
ETag
"623de86a-cf34"
Expires
Fri, 15 Apr 2022 01:51:28 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rd_log
fra1-ib.adnxs.com/ Frame 7246 		0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Frevistaquem.globo.com%2F&e=wqT_3QL5LvBMeRcAAAMA1gAFAQid_N2SBhCmuciigOr43UkY-MTAjN7IqfVqKjYJHEKVmj3Qwj8RxmmIKvwZvj8ZAAAAoHA99j8hxmmIKvwZvj8pHEIJJNAxAAAAgOtRyD8wnunICjjWREDlHkhlUKGf6SRYzoGVAWAAaImUsAF42dYFgAEBigEDVVNEkgUG9HUBmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAovkReoCHmh0dHBzOi8vcmV2aXN0YXF1ZW0uZ2xvYm8uY29tL_ICDQoGSEVJR0hUEgMyNTDyAgwKBVdJRFRIEgMzMDDyAiEKBkxPQURFUhIXcmVuZGVyX3Bvc3RfYWRzX3YxLmh0bWzyAhgKCklGUkFNRV9LRVkSCjE3Mzk5NDEwNzDyAr8VCgtQUkVfU0NSSVBUUxKvFTxzY3JpcHQ-KGZ1bmN0aW9uKCl7LyoKCiBDb3B5cmlnaHQgVGhlIENsb3N1cmUgTGlicmFyeSBBdXRob3JzLgogU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjAKKi8KdmFyIGg9dGhpc3x8c2VsZjt2YXIgaz1BcnJheS5wcm90b3R5cGUuaW5kZXhPZj9mdW5jdGlvbihhLGMpe3JldHVybiBBcnJheS5wcm90b3QdLVQuY2FsbChhLGMsdm9pZCAwKX06ZnVuCc0AYQE_cGlmKCJzdHJpbmciPT09dHlwZW9mIGEpcmV0dXJuERoAIRUawGN8fDEhPWMubGVuZ3RoPy0xOmEuaW5kZXhPZihjLDApO2Zvcih2YXIgZD0wO2Q8YS4JKVw7ZCsrKWlmKGQgaW4gYSYmYVtkXT09PWMNaAggZDsJcRwtMX07LyoKCp46ARHMOCBsKGEpe2xbIiAiXShhKQ1OCCBhfQkTAD0RKBAoKXt9OxENBCBuATUEYT0pGjg9PT1hP2RvY3VtZW50OmEVQyQuY3JlYXRlRWxlARkYKCJpbWciKR1FAHAhSHQsZCl7YS5nb29nbGVfaW1hZ2VfcmVxdWVzdHN8fChaGgAQPVtdKTshLBRiPW4oYS4RfAQpOyEpBCl7ARoAZS66ABkXBGY9WlMAPCxnPWsoZixiKTswPD1nJiY-FgIUc3BsaWNlSRV0ZixnLDEpfWIucmVtb3ZlRXZlbnRMaXN0ZW5lciYmUhcANCgibG9hZCIsZSwhMSk7UiMAYjoAEGVycm9yDTsYfTtiLmFkZEJzAD4UAD5wAD4gAAFtPhQAACg2agAcYi5zcmM9YztaMQEYLnB1c2goYi7RAQRxKCl8BGE9MZI0LmN1cnJlbnRTY3JpcHRNGgAoMjkCLG51bGw6YSkmJiI3N2FJbGEuZ2V0QXR0cmlidXRlKCJkYXRhLWpjIik_YToVVzxxdWVyeVNlbGVjdG9yKCdbDSUAPQFEDF0nKX1FHSxyPVJlZ0V4cCgiXmihINg_Oi8vKFxcd3wtKStcXC5jZG5cXC5hbXBwcm9qZWN0XFwuKG5ldHxvcmcpKFxcP3wvfCQpIik7eSsAdBXgAGgFYQxjPVtdBQkEZD0Bxgw7ZG97QXsYYj1hO3RyeQUMAGVBkxhlPSEhYiYmASRQIT1iLmxvY2F0aW9uLmhyZWYpYjp7AS2QbChiLmZvbyk7ZT0hMDticmVhayBifWNhdGNoKG0pe31lPSExfQFeCGY9ZRkXAGYBFgxpZihmKXkAZz5eAAw7ZD1idR8h9DVCJHJlZmVycmVyfHwBlyR9ZWxzZSBnPWQsDcsAYynfMG5ldyB1KGd8fCIiKSkF1RRhPWIucGEh1BmGAGEF_0x9fXdoaWxlKGEmJmIhPWEpO2I9MIXVAGGV9nQtMTtiPD1hOysrYiljW2JdLmRlcHRoPWEtYjtiPWghKzkeAa41KjhhbmNlc3Rvck9yaWdpbnNuHACtYQA9HXUAKaFbFGE9MTthPLGATDsrK2EpZz1jW2FdLGcudXJsfHwoBQguQgE6dgAUW2EtCjFdIQwYLGcuaD0hMAHjKSIAaBmrIdVl5QBnJRYlAgRkPTIEARwwPD1kOy0tZKHYSGY9Y1tkXSwhZyYmci50ZXN0KGYBjyApJiYoZz1mKSwFDiwmJiFmLmgpe2I9ZjtFGwB9DV0AZBXmBCYmAcwBOwQ7MEFlJVoIJiZkBUgBGwgpO2MFrRB2KGIsZ7XoFGMuZz9jLgX6DDpjLmkBQAB9teYAdqGhHCl7dGhpcy5pQdUBCQhnPWMZIgB1HSIIdXJsESQUaD0hIWM7BS8FiCUKvfoAd3VJFHQoKSxjPfkKPCI_Iik7c2V0VGltZW91dCgRjA0xAGTZcxhkPy4wMTpkQTVEIShNYXRoLnJhbmRvbSgpPmQpaQ8MYj1xKCGkACJl_zQ6Ly8iKyhiJiYidHJ1ZYFrAGJWawQ4LXJjZCIpPyJwYWdlYWQyzZ0Qc3luZGlpuSAtY24uY29tIjpmIwAFIAwpKyIvCUV4L2dlbl8yMDQ_aWQ9amNhJmpjPTc3JnZlcnNpb249IoVFDGU9KGUBsQwpJiZlWpkADTEwIil8fCJ1bmtub3duImHjXCtlKyImc2FtcGxlPSIrZDtiPXdpbmRvdwVYAGY5NBRmPyExOmYhMzRlPWIubmF2aWdhdG9yKTIOAFAudXNlckFnZW50LGU9L0Nocm9tZS9JmyBlKSYmIS9FZGcZERw_ITA6ITE7ZWGTFVEwLnNlbmRCZWFjb24_Ch1pHRgkKGQpOnAoYixkLCJFCAmeCCl9fQ4OCRbWCCggMDw9Yz9hLnN1YhZrCRwoMCxjKTphfQngDC5yZmwu6AcNNWhlbmNvZGVVUklDb21wb25lbnQodygpKX07fSnpwUGaFCk7Cjwvc8WYbD7yAskCCgpFWFRSQV9UQUdTEroCPGRpdiBzdHkhUgxwb3NpobFkOiBhYnNvbHV0ZTsgbGVmdDogMHB4OyB0b3ANCmR2aXNpYmlsaXR5OiBoaWRkZW47Ij48aW1nIOFLVYdJFEpZAkE2DR4uMgIUYXdiaWQmBQbwhl9iPUFLQW1mLUEwS1hDQXVUc0pfdy11NlBxcE5JY0NmWHNxazIxbmRjNXdGRTNQVE1hdzFHb19GZlhLVnBRRjM2eTdiTU45NFA1akxHLVZkbFI5SG5yVU04NnZaMWJPZFFjUGt3IiBib3JkZXI9MCB3aWR0aD0xIGhlaWdodD0xIGFsdD0iIjEaqGRpc3BsYXk6bm9uZSI-PC9kaXY-8gKaAQoMUE9TVF9TQ1JJUFRTEokBPHMlajYIARb2CVBhZHMuZy5kb3VibGVjbGljay5uZXQxBjx4YmZlX2JhY2tmaWxsLmpzAWUttQ1TAD6dJBwge3IzcHgoJyadDBwnKTt9KSgpOz3rEMcQChBIAZ40UE9SVF9QQVJBTVMSshCRJIqVAPB5YWRmZXRjaD9hZGs9NzU5NDU0Njc4JmFkc2FmZT1tZWRpdW0mY2xpZW50PWNhLXB1Yi0zMDc2ODkwMDEyNzQxNDY3JmZvcm1hdD0zMDB4MjUwX2FzJmlwPTIxNy42NC4xNTEuNjgmb3V0cHV0PWh0bWwmdW52aWV3ZWQOmA1FiyBfc3RhcnQ9MSahdhG7AHJS_g0UJnN1Yl9jCY8AYkGV9CcEci01NjA2Mzg3JmhsPWRlJmFjZWlkPU1ESVp0QUNLRzdRQS1WVTBBU0pxTkFHeGF6UUJrbTAwQWVSdU5BR0JjRFFCa1hBMEFaUndOQUd6Y0RRQmhYSTBBY2h5TkFHcGN6UUJFSFUwQVNoMU5BRjFkVFFCeDNVMEFVeDJOQUZRZGpRQlgzWTBBVzUyTkFGdmRqUUJmWFkwQVpCMk5BR2VkalFCbzNZMEFiVjJOQUcyZGpRQnUzWTBBYjEyTkFIS2RqUUIwblkwQWRsMk5BSGdkalFCNUhZMEFRUjNOQUVGZHpRQkJuYzBBUlYzTkFFYWR6UUJTSE5CQWJFRjJnRmVCdG9CY1IxY0F1d2RYQUk4SGx3Q3FfcUlBaWRDcWdJb1Fxb0NXMGVxQWhsTnFnTE9ZYW9DZm1LcUFoSm9xZ0tjZXFvQ2FvR3FBbmlGcWdJb2lxb0NqWTZxQWtXV3FnS0FtNm9DZ1p1cUFvS2JxZ0tpcUtvQ0xLeXFBbm14cWdLZ3M2b0N0clNxQWx5MnFnSzN2YW9DdEwtcUF0UENxZ0pLeUtvQ2w4cXFBdlBMcWdLR3phb0N5ODJxQXB2T3FnSk8yYW9DcXRtcUFxRGRxZ0thNEtvQ3lPR3FBbVhrcWdLZzVhb0NVT21xQXQ3cXFnTDM2cW9DSHU2cUFsM3VxZ0xTOEtvQ0p2T3FBb2YxcWdMejlhb0NfZldxQXBIMnFnTEU5cW9DM2ZlcUFtYjRxZ0o0LUtvQ2h2bXFBaVg3cWdKQi02b0NSdnVxQXBmN3FnSUdfS29DSWYycUFvcjlxZ0xmX2FvQ1lQNnFBb1AtcWdLaF9xb0NRXy1xQW1YX3FnS1ZfNm9DN3YtcUFnNEJxd0xGQWFzQ2FRS3JBcThDcXdLd0E2c0NMQVdyQXBYekZBTzZzOFVGdk5pMkI5R0dJd3JOb1RVUkRiSDdFdVhCLXhMN3hfc1N6ZEg3RXJ2Yy14SXo1UHNTLWVYN0VtcnQteEpzN3ZzU2JlNzdFblh4LXhMWjhmc1NHZkw3RWhuMC14S3I5UHNTSlBYN0VsWDEteEpMOXZzUzJmYjdFb3YzLXhJUFhEY1gtRlpyR3JId1dTaGJBSklwNjdXOWFRRFM2MjQmZXhrPTE3Mzk5NDEwNzAmYXdiaWRfYz1BS0FtZi1EVm80QXdNclRSY0JscEJMc2ozb3R5VVJUMmN3dGZoUUw3LTdkaEswRXpDUHpaT1JXdGQ3WFhsSkEwWFBfMElFa0ZtODRscTYzSGlNZGZWdjFVU2VnOVNtNDNxeEtCcFVmbGlEOFh2c2U5bkNmRm9ieTBCQ2hoVk44bkRncmJCWVRrQk9HOTZWSXdRX3BXNjBZd3ZsaXFsQzZObWZpcHUyQmptR0pQMlQ3OGRDcUpmcEEmYXdiaWRfZD1BS0HBZvRkBEg4WnpKMXozbUNheGotWTViaFhtQmp2OWw3blFNd1Z0R0tOSml4Y29KcjZrNUZfU2RkX25uV1M4elVPUkJWb0VWRUFEalp5NnM5WHVlUDQxTWkwbmVBa0JjUGk5MHdzVkh6b1RDSmNsN1lQZTROWkxxakY1d1d6TXY1NUdBNHlWc3dpdjY2R1hTN3VQUERtTXhWUjMxYzRnU1U5OE51NHI2NnQzUmhMa2ZZc1BkYXA5Zl9tQmo1TUREQ1Y4bnNVa1M0OTdyVXlmWC1yTDYyOG5EcVpKTjFNTGJTQVlDbEJIRWpNZ2FQRFNfYnZGaDJFRm1JQTVuNlBneWVqa3RYU28tcm1WeG5xMVVGUzljbXZsX0FaOEVQOGw0X1ZmX1VTdXJVR0k1cUZjd19HYjZadnZhWjF0QkI4a1VBSUVRdFRYV3lOT2liLUQwb1daaHZFcGZVakNhS3YwSjFVZlM4TG5DaDFWTjJIT2NQdmZkUUItclZ0bVFYTGVhd3o0VTBQYklveEtBQ3dOcmowUFVtbHhhdHhEXzZLNzBRdU5FQzZ6QVMwamlhaUdBSXFkdXRyVWR6ZFFzNThYYURmbU5uUURKUmxSbWhNME8xUE5TX004c3dhS0NfcjByWVNRM056Qzl3elJXN3RfTzdjSHNBMzd4UFBwbHRCNnhvWVUxaVluX3FoZERxLWpDSlVXVHZHbG9yMkpiWnpHUnlWMmFSZXJ4UFQweFdsOFI1M1ZoRUhNSFJNbGFGMW5aNXJOcGdiYUFZeFpqQ1E1a0FWTDkwNVFlSVNibE5hZkx4OUktVmJ2cUZpMzNaSUdaUUF0S0U1MjJscjN3TVpSY2pDU2RISF9hSEZVdzRHUGxTVXBlcGNyT3pGNzZiNkRIeGRrSzh3ZDNKbWpTOWNfSzNFZVlmcUNVQTlkVkVCMVBWRUx0MGlGODdiZU9FYnljV0haQXV1MkZXSVdndV9CQXhqN3FpVHZKS1NNQjljUW9yRS16eVNXTE5acks2U2VaYjhJTWFQY3FkNEFwJmNpZD1DQUFTQk9Sb0R1ayZhX2NpZD2AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AP7oU3gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS42OKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAEoZ_pJIgFAZgFAKAFjsabpbWA7cotwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF1cMs-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDEzMzA1MTc0MDE3NLoHDwgAEAAYACAAMAA4vgZAAMgH2dYF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AfDmwGKCAIQAA..&s=2376cffc03b64e296fd90c492f7ff68cf6b0223e&bdref=https%3A%2F%2Frevistaquem.globo.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Frevistaquem.globo.com%2F,https%3A%2F%2Frevistaquem.globo.com%2F,https%3A%2F%2Frevistaquem.globo.com%2F&
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:26 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b8df8040-fd02-4d17-a448-3bb6c168e785
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7F83 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
35811
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Apr 2022 15:54:35 GMT
expires
Thu, 13 Apr 2023 15:54:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame ADEE 		783 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c64a2ea8c0c0c71f9cf14fbe714fc298e85b511bdbb931d299f03b0645cc8d3f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-/R5T1J8V7T4CKEc05p4RkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-/R5T1J8V7T4CKEc05p4RkA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 01:51:26 GMT
expires
Thu, 14 Apr 2022 01:51:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3CD4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
35811
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Apr 2022 15:54:35 GMT
expires
Thu, 13 Apr 2023 15:54:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6EAF 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3160df6d4abe7c604d8f03792d5375792c4c7172648e4afa3532300f1d10cab1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WMk7z8hl5fX0Wq2Kt/Ic7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-WMk7z8hl5fX0Wq2Kt/Ic7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 01:51:26 GMT
expires
Thu, 14 Apr 2022 01:51:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
PMS.js
vidstat.taboola.com/PMS/3.2.2/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/PMS/3.2.2/PMS.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_5_8/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
via
1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront), 1.1 varnish
age
3776155
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
17509
x-served-by
cache-hhn4039-HHN
last-modified
Thu, 21 Jan 2021 11:30:56 GMT
server
AmazonS3
x-timer
S1649901086.151299,VS0,VE0
etag
"f237b8d35060f133ac8c595fd1234e1c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
XiPzI3T7-j00LduMNKNm2rmlUDrCpSGT1aq1AjMdveabScX3DbI-Pg==
x-cache-hits
1198544
view
securepubads.g.doubleclick.net/pcs/ Frame F272 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4I4Wg4-HH1UeMt2VJI6V7R0bqJVmQWXDOn4Z0xwO4AO2RcS7wmiKrSF6WEUKSZdIN5ncdTlIv2pZH1U5YiybO5Xg_SnvtMBfGMATtv00HOIvQ3aACXSkgqm6DinyJoZjsel5i1Emh94oABHWKyvb1Hxwdg_0HR9wMME6BuADFNPsQxdIKV9w8Jae1B-_yAu9Gt4wJ9VLaw7nB6I6A0VEYbIO0Sdx8FPrNMdkT_1FxY9RV5bw4fAKlnkTstk8UCKZu1PbP67rB6bX8X0fP5mTVjoH117PFxFZyiwFOj1UuGSFUcVY6pccrzECIkWVv5Sdq6b3q0StgY3Synrbk1jqEnsSbt4SMiWdC8nc&sig=Cg0ArKJSzNqFhZPVPDnoEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
render_post_ads_v1.html
googleads.g.doubleclick.net/pagead/ Frame A39A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21556
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
4980
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Apr 2022 19:52:10 GMT
etag
12223946614886178233
expires
Thu, 14 Apr 2022 19:52:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
xbfe_backfill.js
googleads.g.doubleclick.net/pagead/ Frame F272 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd97a5bac90d9e2f62d8ef7ff715c53c56312bcb2ddde01e3454485ba317df37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:50:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4875
x-xss-protection
0
server
cafe
etag
7698967424627035244
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 02:50:26 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame F272 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29216
Expires
Fri, 14 Apr 2023 01:51:26 GMT
it
fra1-ib.adnxs.com/ Frame F272 		0
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Frevistaquem.globo.com%252F&e=wqT_3QKNBvBMDQMAAAMA1gAFAQid_N2SBhDB6-vyu63uuXcY-MTAjN7IqfVqKjYJqfV-ox03wD8Rde-XBcnxuT8ZAAAAYLge9T8hde-XBcnxuT8pqfUJJAAxARvAj8LFPzCh6cgKONZEQOUeSGVQraLLJVjOgZUBYABoiZSwAXiL1gWAAQGKAQNVU0SSAQEG9BMCmAHKB6AB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAovkReoCHmh0dHBzOi8vcmV2aXN0YXF1ZW0uZ2xvYm8uY29tL4ADAIgDAZADAJgDF6ADAaoD6gEKvwFodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9nZW5fMjA0P2lkPWF3YmlkJmF3YmlkX2I9QUtBbWYtQ3lCMXJ6S3ZsX1dlOWVmVGptNWY5ODUyZUpkTm5odU5RUzVTZnUtb1BaTTJtNmVDdXJheWNZdjhNVW9NZUpvUlM3elRfdTRNSmNiNDRqV01rOXlydHdPMUlnQmcmcHI9MTA6JHtBVUNUSU9OX1BSSUNFfRoTODYwNzQyNzE4NTI0MTQyMTI0OSIINzg4Mjc4MjEqBDM5NDE6ATDAA6wCyAMA2AP7oU3gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS42OKgEALIEEAgAEAEYygcg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAEraLLJYgFAZgFAKAF9aKrpKCx5Mw4wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF1cMs-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAAAAAAAAlAoBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDEzMzA1MTc0MDE3NLoHDwgAASlEIAAwADi-BkAAyAeL1gXSBw0JCUUAAAVHCNoHBgknROAHAOoHAggA8AfDmwGKCAIQAA..&s=efa60326e117c07e96fca0ce9240082fa43392dd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:26 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
73d7730f-54c9-4378-ae15-498c33b6c718
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F272 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-DDAf7NyyXIMEsq5v286uPUNP9lSkbi1U5LBHgtoaBzcK2oBVRWoOsMmYkA0HAVKDu8smRrTRzPjDv5iuEgp5AwVSirSw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F272 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js?cb=31067090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36908
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649677559247379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 01:51:26 GMT
wt
t.pubmatic.com/ Frame 3449 		17 B
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.pubmatic.com/wt?pubid=157163&purl=https%3A%2F%2Frevistaquem.globo.com%2F&tst=1649901088&iid=bd6b25ef-e3d9-4a4a-a6a9-c61f4742caa6-nfenn&bidid=9fc2ad1d7a5002&pid=4986&pdvid=3&slot=%2F138871148%2Frevistaquem.globo.com.dw.970x250.inter&au=%2F138871148%2C85042905%2Frevistaquem.globo.com.dw.970x250.inter&bc=appnexus&pn=appnexus&en=0.1&eg=0.1&kgpv=revistaquem.globo.com.dw.970x250.inter(%24%7C.refresh%24)%40.*%40970x250&piid=
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 14 Apr 2022 01:51:26 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
content-length
17
content-type
text/plain; charset=utf-8
view
securepubads.g.doubleclick.net/pcs/ Frame 5CF3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssc2nSm4F8m6qZ8XFDwtXmL34NSpZpI8f0rGKInjip7CuqDUFJ9dntQwBPH3MqjQ5tK0wdM-TpxIm6puDelxb0tCrtJsDEsAXpVtbpGIT6rq8PLoITcHOb6GmpUOPZHk7O1sI8SZcJ9e7zasmpMeoPK8FFRifkbvr6uOJ4FNXydKfph2nJnvE8eArvi0Y_nAXTGBHQJt-XxVUDiDXnjkYYVwUB_BbpSPUkAKlnm0sEZSNdyePtSBddEzkGfwsT56vJUzgBNS0n4Rdxo07ol9mhj2muXzcIU9ML6MWAhTOBcUB4SwHhuFA_sSrCs2pwWymGQqeeghS9E9CVrWRf-iv_ki20RkRszLBCe4MaEbsg&sig=Cg0ArKJSzIW6M1feYQXLEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 14 Apr 2022 01:51:26 GMT
truncated
/ Frame 5CF3 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f60e605ea5f9aa6dc56e77e638a12890de837cf5d64d97d268167254827268c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 7246 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrclRj6a7ZFJ4KSrD9NfFdm2SOJIBjZ5I6XzkUjlI3q_yPOeoe7ItBz2WdvBfylf1dh31o6OqMFW8ux2qSMKeBoRPWqgkPMCpdija-P1TDpSLPO9roWygvE7o68_kylKqqvQeu8wZFzGZDpsbKzjrv_jlW_pLy_RJ1L0Hzwnep0rncjc23ncXQZUXDcjUqGoqcIN960dgwgE82osyL5OCLq60_lIyiUnnyCz9Z6F2mS-I6IJ5WmpnWFC3uwLh9F6_wmgLOjk5onRdUmtG2ivTEOnVUoNnwsyzuvg1V0utfpwP3TssyPiWXFPAoFl2T7lGSkVz5SfAl6zmP9uWkn6vFMI2KYZ6W7b0jCwQ67A&sig=Cg0ArKJSzONz1l2sThddEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 14 Apr 2022 01:51:26 GMT
truncated
/ Frame 7246 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e55127616531545b5247801cf08d055b30c21fdeb0df19ac2aecd90e2b9d80be

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
vevent
fra1-ib.adnxs.com/ Frame 5CF3 		0
843 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Frevistaquem.globo.com%2F&e=wqT_3QKNBvBMDQMAAAMA1gAFAQid_N2SBhCCtYWE3qjFnzQY-MTAjN7IqfVqKjYJz_QSY5l-xz8RDPfb6K3Lwj8ZAAAAoHA99j8hDPfb6K3Lwj8pz_QJJNAxAAAAgOtRyD8wnunICjjWREDlHkhlUKGf6SRYzoGVAWAAaImUsAF4utkFgAEBigEDVVNEkgUG9BMCmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAovkReoCHmh0dHBzOi8vcmV2aXN0YXF1ZW0uZ2xvYm8uY29tL4ADAIgDAZADAJgDF6ADAaoD6gEKvwFodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9nZW5fMjA0P2lkPWF3YmlkJmF3YmlkX2I9QUtBbWYtQU0ta1Y1d2VObXJrdFVsX3hna0dudWhNWFVzMENmYWtJWUVVMjkzckozclN5ZEdLOTgycF96X0JRNERrUXJrOFhLWGxnTjkweWdoRm9XdjhKNkJhZmFObHhwNncmcHI9MTA6JHtBVUNUSU9OX1BSSUNFfRoTMzc2NDc1MTIwMzM2ODUyNDQxOCIINzcyMjE3OTMqBDM5NDE6ATDAA6wCyAMA2AP7oU3gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS42OKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAEoZ_pJIgFAZgFAKAF5KSS2d2QiIMDwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF1cMs-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAAAAAAAAlAoBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDEzMzA1MTc0MDE3NLoHDwgAASlEIAAwADi-BkAAyAe62QXSBw0JCUUAAAVHCNoHBgknROAHAOoHAggA8AfDmwGKCAIQAA..&s=89524257ba7873309ffcf47b9959f0a095afa645&type=nv&nvt=5&jm=1003&px=488&py=1336&bw=300&bh=250&sid=5238216261813256364&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22164638&sw=1600&sh=1200&pw=1600&ph=7142&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:26 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f2b6e3c9-6ac5-4b1e-9a1d-cad86df1f329
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Leader3.png
s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/ Frame 3268 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/Leader3.png
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
872cf5b1fc5d78d4697452c04483c4afe1dec0f40247ea64d05a051dcc43bad9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:31:10 GMT
x-content-type-options
nosniff
age
15616
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8263
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 18:58:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Apr 2022 21:31:10 GMT
Leader2.png
s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/ Frame 3268 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/Leader2.png
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8562314971d42837bfe69a65a1073116ad8b4ae2ca55510e0fdde55290ec287d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:31:10 GMT
x-content-type-options
nosniff
age
15616
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20066
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 18:58:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Apr 2022 21:31:10 GMT
Leader1.png
s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/ Frame 3268 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/Leader1.png
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
681ce807f94422036848a5c4dfdfc73ff92ffd533947fbb288cae8e334135970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:31:10 GMT
x-content-type-options
nosniff
age
15616
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17847
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 18:58:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Apr 2022 21:31:10 GMT
vevent
fra1-ib.adnxs.com/ Frame 7246 		0
843 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Frevistaquem.globo.com%2F&e=wqT_3QKNBvBMDQMAAAMA1gAFAQid_N2SBhCmuciigOr43UkY-MTAjN7IqfVqKjYJHEKVmj3Qwj8RxmmIKvwZvj8ZAAAAoHA99j8hxmmIKvwZvj8pHEIJJNAxAAAAgOtRyD8wnunICjjWREDlHkhlUKGf6SRYzoGVAWAAaImUsAF42dYFgAEBigEDVVNEkgUG9BMCmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAovkReoCHmh0dHBzOi8vcmV2aXN0YXF1ZW0uZ2xvYm8uY29tL4ADAIgDAZADAJgDF6ADAaoD6gEKvwFodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9nZW5fMjA0P2lkPWF3YmlkJmF3YmlkX2I9QUtBbWYtQTJCVWRqQXFyT1F1Y3BFcHlkRnJSSzhCc2IwdmZycXBDLUZBM1VPNjF4dDJsT240UjZLUERTNFBqLUdNX1Zzc052YkRUWHVBYjlZOUdYSXJsREVoeVVIbm93M2cmcHI9MTA6JHtBVUNUSU9OX1BSSUNFfRoTNTMxMzA5MDExODIyMzAxMDk4MiIINzcyMjE3OTMqBDM5NDE6ATDAA6wCyAMA2AP7oU3gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS42OKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAEoZ_pJIgFAZgFAKAFjsabpbWA7cotwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF1cMs-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAAAAAAAAlAoBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDEzMzA1MTc0MDE3NLoHDwgAASlEIAAwADi-BkAAyAfZ1gXSBw0JCUUAAAVHCNoHBgknROAHAOoHAggA8AfDmwGKCAIQAA..&s=f4fc564d531c064ec66407a8619f8103cf1c66ac&type=nv&nvt=5&jm=1003&px=1136&py=1336&bw=300&bh=250&sid=5238216261813256364&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22164638&sw=1600&sh=1200&pw=1600&ph=7142&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:26 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f303bdaa-115e-4c19-9f97-e86fa9439499
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Leader3.png
s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/ Frame E54B 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/Leader3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
872cf5b1fc5d78d4697452c04483c4afe1dec0f40247ea64d05a051dcc43bad9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:31:10 GMT
x-content-type-options
nosniff
age
15616
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8263
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 18:58:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Apr 2022 21:31:10 GMT
Leader2.png
s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/ Frame E54B 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/Leader2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8562314971d42837bfe69a65a1073116ad8b4ae2ca55510e0fdde55290ec287d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:31:10 GMT
x-content-type-options
nosniff
age
15616
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20066
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 18:58:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Apr 2022 21:31:10 GMT
Leader1.png
s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/ Frame E54B 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/Leader1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
681ce807f94422036848a5c4dfdfc73ff92ffd533947fbb288cae8e334135970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/dfp/539105/4811135416/1649357939584/Leader/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 21:31:10 GMT
x-content-type-options
nosniff
age
15616
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17847
x-xss-protection
0
last-modified
Thu, 07 Apr 2022 18:58:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 14 Apr 2022 21:31:10 GMT
av
vidoomy-d.openx.net/v/1.0/ Frame BA0C 		48 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Frevistaquem.globo.com%2F&cb=1060531488&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C68543124936278318821432248985,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:26 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://revistaquem.globo.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
218945
search.spotxchange.com/vast/2.0/ Frame BA0C 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=http%3A%2F%2Frevistaquem.globo.com%2F&cb=987341654&player_width=400&player_height=225&regs[gdpr]=0&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C6854312493627831882241295232%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:26 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000256
X-SpotX-Timing-SpotMarket
0.005502
X-SpotX-Timing-Page-Mux
0.000207
X-SpotX-Timing-Page-Require
0.000323
X-fe
125
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
Content-Length
77
X-SpotX-Timing-Page
0.010649
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000287
Last-Modified
Thu, 14 Apr 2022 01:51:26 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.005502
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://revistaquem.globo.com
X-SpotX-Timing-Page-Misc
0.004061
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame BA0C 		67 B
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C6854312493627831882400426369,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:26 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1649901086181010-521
Expires
Thu, 14 Apr 2022 01:51:26 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame BA0C 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C2872526576854312493627831882,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2946c0bcb402f9717d4b473b3e45222c89c938db1a46a72a0c800db13b54bb57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:26 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1156
x-sticky-vk
1649901086009036-563
Expires
Thu, 14 Apr 2022 01:51:26 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame BA0C 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C6854312493627831882260209817%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ad6f303010f4d0d273ed759c3ceed9e24118072b1bbe8c56d284b94174bf8da6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:26 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1190
x-sticky-vk
1649901085673060-536
Expires
Thu, 14 Apr 2022 01:51:26 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame BA0C 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C6854312493627831882182232398%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b6f2d5803fd397500ddefed25e442e396e2b2c8fe52398344cd71ff7959a05a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:26 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1190
x-sticky-vk
1649901086134026-580
Expires
Thu, 14 Apr 2022 01:51:26 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame BA0C 		1015 B
889 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C21342225236854312493627831882%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
48f0cf548f400589e0dc99934c21eb6875ee8e9109071c721aac7ec03c4b4471

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:26 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23df-5d77a515ac2dc"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://revistaquem.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
627
expires
Thu, 14 Apr 2022 01:51:26 GMT
adfetch
googleads.g.doubleclick.net/pagead/ Frame 1527 		80 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adfetch
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
705e3b638a6b8f33cc7837c616847019b789c93d04d184710cf410174ebda900
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31712
x-xss-protection
0
adfetch
googleads.g.doubleclick.net/pagead/ Frame 4D3C 		80 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adfetch
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c74d0b2694837c98192091dae3ce5a8e55fe4cf7e7e9104529640349248996c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31467
x-xss-protection
0
optout_check
beacon.krxd.net/ 		78 B
237 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.globo.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5d7ac0b32a1a31bed0806e2dfd67dd0ea6fb218a26d4caf5d04447f01a988f19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=162 t=1649901086
x-served-by
beacon-n009-dub-prod.krxd.net
content-type
text/javascript
get
cdn.krxd.net/userdata/ 		364 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/userdata/get?pub=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&technographics=1&callback=Krux.ns.globo.kxjsonp_userdata
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
59f97016ea655ac5962a98b1f029403ec38299d2357ad78f26b51f09daafc4f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date
Thu, 14 Apr 2022 01:51:26 GMT
content-encoding
gzip
age
0
x-served-by
userdata-a005-ash-prod.krxd.net, cache-hhn4020-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript
via
1.1 varnish
cache-control
private, max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1649901086.385231,VS0,VE100
content-length
276
x-cache-hits
0, 0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4B95 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
35811
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Apr 2022 15:54:35 GMT
expires
Thu, 13 Apr 2023 15:54:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D950 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d2c894e0fd508c8cbe6e7bfb16ccc20f69adff0625f7734da7bb2c5cdabdf3ad
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8nLaC2u5Ejpd1czTPR4y5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-8nLaC2u5Ejpd1czTPR4y5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 01:51:26 GMT
expires
Thu, 14 Apr 2022 01:51:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usync.html
eus.rubiconproject.com/ Frame 22C4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66353675&crid=5590795&dast=V7ZKcCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBvQHG0ajcSjDEYOxGmxGi8lyuVjMloPdYrEbDkHDaDQOZThiMFaDzWgxWQ5nk9lgs9gNF1OIMJbLZFALJCyz33cQNHwuN3ig6XT4XPd6ycv29JwejtfLbdeZ_Ra_XeN3--UAAAAA8ABQ9bQA8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABgJAYrgEAxWFwlofF7_sHAMDDAwgAgAAGCUAB72kJwMdZxQkAAAAAAAAAAMv___9_zAC93oIMgMh7Tg_Agw_AA1HBahEjAAAAgGygS6KjSZ1QWVQBABCkWwFcAQAEAJYQh1KEAQAAAIixh0bn75HmCo4t0MPi95sddo3f7TIAAAAAAAAAALP_s380oSoP3LQgnPphtV9AAIC1X0AAALZxAwB4E4ALOQ80nQ6f614vedmentPD8Xq57Tqz3-K3a_xuv-gCYHUKsRvOBrvJYreYHQAAAMDd____Px57aHT-HmmuoB7IzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3B7-T6m88OXnTt-EsMx-30HQ8LkM4oOGYTkZBPObsMVoNZlslsPZcjEZDEfD0Wh_AzEYDHAiBsvlZLKY7Faj1Wgz3I1mgwUKxGCCFC0aTFaj0WQxGa5Gk9VsudjtNkjRqtVstBkMV7PJbLdbDQfD5WiEE7YYrSaTzXI4Wy4mg-FoOBoNESYmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznHhRMGBjL4KLdKIyOU1_y8Nn9lv8bsnL9vScHo7Xy20RSzQni3Qiu-x7M49nsDE5TLuZaeKw2FYbw8I4sU08pslwt9w4943JxGRZeSxr3Wq3WItmC8tauTHM1grjZDibLFYzj2XiFr0-pudqMdgsJ_7GbLRcDhaD4WjfmI2Wy8FiMBztO0ymZ-pzNrr-5pRHpnm5jtuGzWFQuAxG709iWky7s4Po9zs6bYZhsqgzCm_do9eg8Bw8pokyJdZZ-zJhMXlVOA4GRSwRnC7SidDvdlnEEsnTIp0oDKuRy7PbTGyThcc4Wjgmw9Vo4VgMR7OZb-ZZTcQSpekinegl6j82yGI3l43mitViLhuuEgAAAAAAAADAEubMmwAAAACcBrNbLXer5QJI_E3qAoMAAAAAAADsnhrAlphi_ekXN36MUSan6W95-Mx-i98tedmentPD8Xq5rQwg4SbKvNkzQazValkDAAAQYAMAAARw6-Yt0LSSAw!&cmcv=&pix=undefined&cb=1649901087292&uv=3158&tms=1649901087292&abt=adh5c-1_vA!eidc_vB!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mtbw_vB!Noapp22_vB!pblc_vE!spa2_vB!t45!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=FFFC28DA1503412991169071178&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprammp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Apr 2022 01:51:26 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 14 Apr 2022 01:51:26 GMT
location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
server
AkamaiGHost
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0CD0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8790&pub_id=1980867
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 14 Apr 2022 01:51:26 GMT
ETag
"623de86a-cf34"
Expires
Fri, 15 Apr 2022 01:51:28 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rd_log
fra1-ib.adnxs.com/ Frame F272 		0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Frevistaquem.globo.com%2F&e=wqT_3QKkL_BMpBcAAAMA1gAFAQid_N2SBhDB6-vyu63uuXcY-MTAjN7IqfVqKjYJqfV-ox03wD8Rde-XBcnxuT8ZAAAAYLge9T8hde-XBcnxuT8pqfUJJAAxARvAj8LFPzCh6cgKONZEQOUeSGVQraLLJVjOgZUBYABoiZSwAXiL1gWAAQGKAQNVU0SSAQEG9HUBmAHKB6AB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAovkReoCHmh0dHBzOi8vcmV2aXN0YXF1ZW0uZ2xvYm8uY29tL_ICDQoGSEVJR0hUEgMyNTDyAgwKBVdJRFRIEgM5NzDyAiEKBkxPQURFUhIXcmVuZGVyX3Bvc3RfYWRzX3YxLmh0bWzyAhgKCklGUkFNRV9LRVkSCjEzMjk2NzQ3NDnyAr8VCgtQUkVfU0NSSVBUUxKvFTxzY3JpcHQ-KGZ1bmN0aW9uKCl7LyoKCiBDb3B5cmlnaHQgVGhlIENsb3N1cmUgTGlicmFyeSBBdXRob3JzLgogU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjAKKi8KdmFyIGg9dGhpc3x8c2VsZjt2YXIgaz1BcnJheS5wcm90b3R5cGUuaW5kZXhPZj9mdW5jdGlvbihhLGMpe3JldHVybiBBcnJheS5wcm90b3QdLVQuY2FsbChhLGMsdm9pZCAwKX06ZnVuCc0AYQE_cGlmKCJzdHJpbmciPT09dHlwZW9mIGEpcmV0dXJuERoAIRUawGN8fDEhPWMubGVuZ3RoPy0xOmEuaW5kZXhPZihjLDApO2Zvcih2YXIgZD0wO2Q8YS4JKVw7ZCsrKWlmKGQgaW4gYSYmYVtkXT09PWMNaAggZDsJcRwtMX07LyoKCp46ARHMOCBsKGEpe2xbIiAiXShhKQ1OCCBhfQkTAD0RKBAoKXt9OxENBCBuATUEYT0pGjg9PT1hP2RvY3VtZW50OmEVQyQuY3JlYXRlRWxlARkYKCJpbWciKR1FAHAhSHQsZCl7YS5nb29nbGVfaW1hZ2VfcmVxdWVzdHN8fChaGgAQPVtdKTshLBRiPW4oYS4RfAQpOyEpBCl7ARoAZS66ABkXBGY9WlMAPCxnPWsoZixiKTswPD1nJiY-FgIUc3BsaWNlSRV0ZixnLDEpfWIucmVtb3ZlRXZlbnRMaXN0ZW5lciYmUhcANCgibG9hZCIsZSwhMSk7UiMAYjoAEGVycm9yDTsYfTtiLmFkZEJzAD4UAD5wAD4gAAFtPhQAACg2agAcYi5zcmM9YztaMQEYLnB1c2goYi7RAQRxKCl8BGE9MZI0LmN1cnJlbnRTY3JpcHRNGgAoMjkCLG51bGw6YSkmJiI3N2FJbGEuZ2V0QXR0cmlidXRlKCJkYXRhLWpjIik_YToVVzxxdWVyeVNlbGVjdG9yKCdbDSUAPQFEDF0nKX1FHSxyPVJlZ0V4cCgiXmihINg_Oi8vKFxcd3wtKStcXC5jZG5cXC5hbXBwcm9qZWN0XFwuKG5ldHxvcmcpKFxcP3wvfCQpIik7eSsAdBXgAGgFYQxjPVtdBQkEZD0Bxgw7ZG97QXsYYj1hO3RyeQUMAGVBkxhlPSEhYiYmASRQIT1iLmxvY2F0aW9uLmhyZWYpYjp7AS2QbChiLmZvbyk7ZT0hMDticmVhayBifWNhdGNoKG0pe31lPSExfQFeCGY9ZRkXAGYBFgxpZihmKXkAZz5eAAw7ZD1idR8h9DVCJHJlZmVycmVyfHwBlyR9ZWxzZSBnPWQsDcsAYynfMG5ldyB1KGd8fCIiKSkF1RRhPWIucGEh1BmGAGEF_0x9fXdoaWxlKGEmJmIhPWEpO2I9MIXVAGGV9nQtMTtiPD1hOysrYiljW2JdLmRlcHRoPWEtYjtiPWghKzkeAa41KjhhbmNlc3Rvck9yaWdpbnNuHACtYQA9HXUAKaFbFGE9MTthPLGATDsrK2EpZz1jW2FdLGcudXJsfHwoBQguQgE6dgAUW2EtCjFdIQwYLGcuaD0hMAHjKSIAaBmrIdVl5QBnJRYlAgRkPTIEARwwPD1kOy0tZKHYSGY9Y1tkXSwhZyYmci50ZXN0KGYBjyApJiYoZz1mKSwFDiwmJiFmLmgpe2I9ZjtFGwB9DV0AZBXmBCYmAcwBOwQ7MEFlJVoIJiZkBUgBGwgpO2MFrRB2KGIsZ7XoFGMuZz9jLgX6DDpjLmkBQAB9teYAdqGhHCl7dGhpcy5pQdUBCQhnPWMZIgB1HSIIdXJsESQUaD0hIWM7BS8FiCUKvfoAd3VJFHQoKSxjPfkKPCI_Iik7c2V0VGltZW91dCgRjA0xAGTZcxhkPy4wMTpkQTVEIShNYXRoLnJhbmRvbSgpPmQpaQ8MYj1xKCGkACJl_zQ6Ly8iKyhiJiYidHJ1ZYFrAGJWawQ4LXJjZCIpPyJwYWdlYWQyzZ0Qc3luZGlpuSAtY24uY29tIjpmIwAFIAwpKyIvCUV4L2dlbl8yMDQ_aWQ9amNhJmpjPTc3JnZlcnNpb249IoVFDGU9KGUBsQwpJiZlWpkADTEwIil8fCJ1bmtub3duImHjXCtlKyImc2FtcGxlPSIrZDtiPXdpbmRvdwVYAGY5NBRmPyExOmYhMzRlPWIubmF2aWdhdG9yKTIOAFAudXNlckFnZW50LGU9L0Nocm9tZS9JmyBlKSYmIS9FZGcZERw_ITA6ITE7ZWGTFVEwLnNlbmRCZWFjb24_Ch1pHRgkKGQpOnAoYixkLCJFCAmeCCl9fQ4OCRbWCCggMDw9Yz9hLnN1YhZrCRwoMCxjKTphfQngDC5yZmwu6AcNNWhlbmNvZGVVUklDb21wb25lbnQodygpKX07fSnpwUGaFCk7Cjwvc8WYbD7yAskCCgpFWFRSQV9UQUdTEroCPGRpdiBzdHkhUgxwb3NpobFkOiBhYnNvbHV0ZTsgbGVmdDogMHB4OyB0b3ANCmR2aXNpYmlsaXR5OiBoaWRkZW47Ij48aW1nIOFLVYdJFEpZAkE2DR4uMgIUYXdiaWQmBQbwhl9iPUFLQW1mLUREQWY3Tnl5WElNRXNxNXYyODZ1UFVOUDlsU2tiaTFVNUxCSGd0b2FCemNLMm9CVlJXb09zTW1Za0EwSEFWS0R1OHNtUnJUUnpQakR2NWl1RWdwNUF3VlNpclN3IiBib3JkZXI9MCB3aWR0aD0xIGhlaWdodD0xIGFsdD0iIjEaqGRpc3BsYXk6bm9uZSI-PC9kaXY-8gKaAQoMUE9TVF9TQ1JJUFRTEokBPHMlajYIARb2CVBhZHMuZy5kb3VibGVjbGljay5uZXQxBjx4YmZlX2JhY2tmaWxsLmpzAWUttQ1TAD6dJBwge3IzcHgoJyadDBwnKTt9KSgpOz3rEPIQChBIAZ40UE9SVF9QQVJBTVMS3RCRJIqVAPB5YWRmZXRjaD9hZGs9NjQxOTc1ODc0JmFkc2FmZT1tZWRpdW0mY2xpZW50PWNhLXB1Yi0zMDc2ODkwMDEyNzQxNDY3JmZvcm1hdD05NzB4MjUwX2FzJmlwPTIxNy42NC4xNTEuNjgmb3V0cHV0PWh0bWwmdW52aWV3ZWQOmA1FiyBfc3RhcnQ9MSahdhG7AHJS_g0UJnN1Yl9jCY8AYkGV8H1yLTU2MDYzODcmaGw9ZGUmYWNlaWQ9TUdzYnRBQ0tHN1FBLVZVMEFieHFOQUdDY0RRQmxIQTBBZmx3TkFISWNqUUJESE0wQWFsek5BRlhkRFFCWEhRMEFZdDBOQUVvZFRRQmRYVTBBY2QxTkFFd2RqUUJUSFkwQVZCMk5BRmYBECxiblkwQVc5Mk5BRjkBECxrSFkwQVo1Mk5BR2oBEBh0WFkwQWJaARAANwEQAHYBEBhjcDJOQUhTARAAMgEQBGVCARAAawEQADUBEERRUjNOQUVGZHpRQkJuYzBBUlYBEABhARD0VQN0MnhCQVV0elFRRlRjMEVCUEI1Y0F0ZjJpQUpiLVlnQ0owS3FBanRhcWdKZlc2b0MwR0dxQW4xaXFnSkljcW9DVG5xcUFtdUJxZ0xJaEtvQ1c1R3FBcTZScWdLWm1hb0NnSnVxQW9HYnFnS0NtNm9Db3FpcUFyR3JxZ0lzcktvQzVheXFBbm14cWdJcHZxb0NJTUtxQXNfSHFnSXl5cW9DZjgycUFvYldxZ0pzMktvQ0R0cXFBclhjcWdKNTRhb0NwLVNxQXFEbHFnS3Q1YW9DUHVxcUFwZnFxZ0pBNjZvQzFPdXFBdUR4cWdLNjhxb0NzUE9xQWdQMHFnSTc5YW9DOF9XcUFsMzJxZ0otOXFvQ2t2YXFBc1QycWdKci1Lb0NoX2lxQXR6NHFnS3AtYW9DSnZ1cUFrTDdxZ0xQLTZvQzlQdXFBZ2I4cWdKUF9Lb0NpZnlxQWl2LXFnSmdfcW9DZ3Y2cUFxdi1xZ0lWXzZvQ1BfLXFBc3pfcWdMdl82b0Nld0NyQXVFQXF3STNBYXNDV1FHckFza0Jxd0l6QXFzQ1NBT3JBcGNEcXdLcUJLc0NMQVdyQXBvNi1nUDFkQ1FFdXJQRkJmQkMzQWtLcVBzUzJiXzdFaFhJLXhKVHl2c1NjTXo3RXJiVy14SXUyUHNTdXR6N0VwUG0teEx2NXZzU0ZlcjdFdkR0LXhKczd2c1N6dTc3RW5YeC14Sks4dnNTYWZQN0V0anoteExyOF9zU0dmVDdFdEwwLXhMdzlQc1NSZlg3RW9MMi14TGw5dnNTSnZmN0VpejMteEpZOV9zU2VQZjdFb3YzLXhJMDFYSVVyX1VERlh1QnBoZjNWbXNhMVBCWktBJmV4az0xMzI5Njc0NzQ5JmF3YmlkX2M9QUtBbWYtQ05MTzNFejgtNjMzTmxuNm1zb0NZaWluRnF1Nmg0QkFJRjV6cDV4a0huZGNqYlk3QVF1WXlVYjVNNVJUWno1NmRYM1prNFJ1aEtLNjM2eTl6VTc4alNSMExsUWp6emxfamtOQUk2UmRjMWhIMGFzd0pSZ2pnLUs1TTRHUjhwQzNLRlg4WFl4a2VCOWJxQnRfNTRTeEdHVXNvWGVseHBUbWJhWF9mbWRDSXAyakMwY0xNJsmRAGTNkfTEAUFBS3lzUU1Vd1RrWnU2VWdQY3FnVW5tdU1BX2RVUzhXZU44NTcwcDBaLWxnVGJLY2h4OHJDeEhGOTZqMXM5YmE2R0thNjRKX01tSU1iY0pZaDR2MU1zLTZVb0xYSnZGNjFtb09nVURtaEtDeE05T2htMDFKcWdlMjRWUEVqODFLS2kwaDM5T0lJTFZTb3ZKNVhMOFdSRTFpTHh5eHRnbnFlSGZHQU1RUlFJU1pPZnNQSUVsbi1UWjYwNG5vbUtNUlROM21HX2htaU5tcTNXa2pnUEd2ekV0VU9sSUlfZ3YyLS15bTcxSVBMSjV2cm1MMEVLMENQa2RLbFN2a3ZmOEJUaHM3b3AzSWRrR05mWWVvT1UyY1RmQXNPdUFzUWVUTkhvSTNfMkZxd3FyQjdHbkVRdjMyRTBlbEhKbTJIcTFQeW5HTmtodnZiR2FsM3hsb3NYYm16TFFVeHNmREtiQkdPVGJNcFBWT2FnY0pkRWRmaEFhWHB3dUp1b1FuTmdiNUhIbjU4TlczMDBrTDlkWUoyOTVuYUdjc3pNMW5kaWhQelRfajFhOVpYcE5CcDFibHN6VDFqd3NiUHJ6bkdZX1dFSlVTWQ68EvScAkNwOVJTdDlFZGhGellNVW1WOHdaa2cxRThoYnhiOVhnSkV0cHdSQ016UFJ5YTk2UzdnbkZXWFdCVmVRYWJEdDY5Uk1Oa2hfTFdNcXg2Y19aMHNwTnA0QzZxRFNNMnBLQUVOcmx0TjNLOVBvbGd6YTZlbDQ2d3ZSdXZ6eTFhUzV5cWtBYXBmVHhCQ0VQSnZCU2ZTWkJ4djc3TnphemVIWlpxcktTcWRSNFN4dnlkcEkxM1I3Ml9zSG1iTlBtSzZ0S1RhZ0ZsMjVVS3k2NXpQRU1QRDZTeGdBWk4xRDdYMlFSNWgzS0d1V1VXaG5pUnZlY25RcnJnYWpKb2V0ZXBWRzJWNzRWemJSSXcwMXhyWVVNY3lzQVpaWGw2QzBveElZODlTREFzR04xbzRGUDh0UnQzQ19HeklINXllWmdQJmNpZD1DQUFTQk9Sb19rdyZhX2NpZD2AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AP7oU3gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS42OKgEALIEEAgAEAEYygcg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAEraLLJYgFAZgFAKAF9aKrpKCx5Mw4wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF1cMs-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDEzMzA1MTc0MDE3NLoHDwgAEAAYACAAMAA4vgZAAMgHi9YF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AfDmwGKCAIQAA..&s=0e88b22b2fe8241955666ccb7d59487aec36e758&bdref=https%3A%2F%2Frevistaquem.globo.com%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Frevistaquem.globo.com%2F,https%3A%2F%2Frevistaquem.globo.com%2F,https%3A%2F%2Frevistaquem.globo.com%2F&
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:26 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
69a245d2-7b9e-4588-959d-171118afffc0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 12D8 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=8790&pub_id=1980867&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8790&pub_id=1980867
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:26 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a04cbb34-8ce5-44c4-9aae-53a6f7e8e2f9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2BA7 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=8790&pub_id=1980867&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8790&pub_id=1980867
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:26 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5ba5703d-e884-477b-8e7a-c5e2ce861335
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
9407
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
yeuhtSaIHTRzn5Sb/BhoRbmorY6jlIGKTN3jBjNJ2gjscig6jQv3GZOmCUvDSqzUCzHWH69H00k=
x-served-by
cache-hhn4039-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1649901086.411344,VS0,VE0
date
Thu, 14 Apr 2022 01:51:26 GMT
x-amz-request-id
DM4PBFJ9QH08DD7N
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
62
x-cache-hits
291
5007d44e-09d1-49b7-8c99-6b1cc38c3cbc
consumer.krxd.net/consent/get/ 		220 B
268 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_1
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2ab2c730badb48e44bce8ff702ea8658fb0e77df659141706d931ae2ed7fbb1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a004-dub-prod.krxd.net, cache-hhn4083-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1649901086.469633,VS0,VE29
content-length
184
x-cache-hits
0, 0
content14_10_18m.js
vidstat.taboola.com/ 		37 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content14_10_18m.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_5_8/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
via
1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront), 1.1 varnish
age
2338310
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
7638
x-served-by
cache-hhn4039-HHN
last-modified
Sun, 14 Oct 2018 13:31:31 GMT
server
AmazonS3
x-timer
S1649901087.520135,VS0,VE0
etag
"d8d81221ec6e604811ce469d899c9c8b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
t1A-OC7FrDGZJC7Tp3c5Te6utmhBjz82_E5tKO0J_wHxk5doBZKsXQ==
x-cache-hits
619418
video-autoplay-detector.js
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_5_8/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront), 1.1 varnish
age
1194708
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
2210
x-served-by
cache-hhn4039-HHN
last-modified
Mon, 10 Jun 2019 11:55:53 GMT
server
AmazonS3
x-timer
S1649901087.527178,VS0,VE0
etag
"2fac39530c1c168282a35d1ab56450ed"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
dMQndaMYz4lAKRlFPrdUyMaueOEjTlwBX-FuhX2o7-w7PeNmsjlMEw==
x-cache-hits
297517
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v13.8.8/ 		560 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v13.8.8/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_5_8/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
021b23d6cce7c934afbade06a6a3f058072f99930cc5f6a72038324d00686b18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
via
1.1 varnish
age
66020
x-amz-meta-mtime
1649834988
x-cache
HIT
x-amz-meta-ctime
1649835002
x-amz-meta-mode
33188
content-encoding
br
content-length
117253
x-amz-id-2
vuN9blCG8DpwDCzX9IGXWuewd680dsKQMRpWUqzxXIHzBauHpyNzK5KG8cSaoGvlgWE/MmHldnA=
x-served-by
cache-hhn4039-HHN
accept-ranges
bytes
last-modified
Wed, 13 Apr 2022 07:30:03 GMT
server
AmazonS3-br
x-timer
S1649901087.552084,VS0,VE0
etag
"39efc5b0f48ae414ef8f10d2c35d2e79"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
6H1SBFN2654Q5CZE
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
25856
sync
am-match.taboola.com/ Frame 8E62 		742 B
836 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7aAgCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBuIHGzhcMDa7FWkwWq6Wg91utBgtJ6PlYjPbDWEDhwvGZrciDUbL1XKw220Wy-FiNFqMZqMpZAjL7PcdhHy3y_DwuQyiouttsTucZs8bPNB0Onyue73kZXt6Tg_H6-W268x-i9-u8bv9cgAAAAB4APDyOIL4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABIWIvRAIDiKBDLw-vyBwDAwwMIAIAABgmAQeZRCYCJYcMJAAAAAAAAAADL____f8xAvWaczID-9kUPwIMPwANRgXIRIwAAAIBsoEuio0mdUFlUAQAQpFsBXAEABACWEIdGhAEAAACIsYdG5--R5gqOLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKGqKPa0oANXCrVfQACAtV9AAAC2cQMAeBOACzkPNJ0On-teL3nZnp7Tw_F6ue06s9_it2v8br_oAmB1CrEbzga7yWK3mB0AAADA3f___z8ee2h0_h5prqAeyM08nsHG5DDtZqaJw2JbbQwL48Q28Zgmw91y49we_k-pvPDl505fhrDMft9ByHe7DA-fyyAqut4Wu8Np9txvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgMMCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJiYTEyWlcey1q12i7VotrCslRvDbK0wToazyWI181gmbtHrY3quFoPNcuJFwYCNvQgu0onK5DT9LQ-f2W_xuyUv29NzejheL7dFLNGcLNKJ7LLvzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3DcmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznPgbs9FyOVgMhqN9YzZaLgeLwXC07zCZnqnP2ej6m1MemeblOm4bNodB4TIYvT-JaTHtzg6i3-_otBmGyaLOKLx1j16DwnPwmCbKlFhn7cuExeRV4TgYFLFEcLpIJ0K_22URSyRPi3SiGk4Ws9Vu5PDNnIPJYjnxbQyj3WqyGQ02o4nLMRFLlKaLdKKXqP_YIIvdXDaaK1aLuWy4SgAAAAAAAAAAS5gzbwIAAABwGtBmMlqtlgsg8TepCwwCAAAAAACwe2oAW2KK9adf3PgxRpmcpr_l4TP7LX635GV7ek4Px-vltjKAhJso82bPBLFWq2UNAABAgA0AABDArZu3QNNKDg!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_5_8/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 14 Apr 2022 01:51:26 GMT
machineid
3406
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 57F5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTNJ4Bs6UruQaZeT-tURYlhsdBSgVUq8fGS-x5KZJvenYh7ztUwdgqYxW6dVFK2ufAIQ-lZTwd1olpsrRdq4L47vmH3iZmeGI7jh-0qeMFHUtdH3ly&sig=Cg0ArKJSzJ3QxZcrcSeQEAE&id=lidar2&mcvt=1140&p=514,912,695,1436&mtos=1140,1140,1140,1140,1140&tos=1140,0,0,0,0&v=20220411&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=7&adk=1107369598&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649901086000&rpt=802&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6EAF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022040701&jk=2931402720407680&rc=
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame ADEE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041201&jk=4190216539386806&rc=
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/ Frame 1527 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:49:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
103
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9777
x-xss-protection
0
server
cafe
etag
12512753850102923420
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 01:49:43 GMT
window_focus.js
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/ Frame 1527 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/window_focus.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b59e198c356c79d1ba89670c50cdb7e54181037f277ee106126caf570278bc11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:33:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1079
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1432
x-xss-protection
0
server
cafe
etag
15450667304708860052
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 01:33:27 GMT
qs_click_protection.js
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/ Frame 1527 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/qs_click_protection.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
068e2ad9020fdc590c232b49e3ebbb8b540719796165ad86ab75bb6a7f54bf20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:46:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
299
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7667
x-xss-protection
0
server
cafe
etag
7504708142712926003
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 01:46:27 GMT
l
www.google.com/ads/measurement/ Frame 1527 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ8wOUuNY7vRyx2FHpmC2sOIjtEMU-9aCnw1eghmtcmuLcK1-voTmuXt9ts4QWYWop0kWycVGuij99wzumgVhasGonboQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1527 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36908
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649677559247379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 01:51:26 GMT
one_click_handler_one_afma.js
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/ Frame 1527 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/one_click_handler_one_afma.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c25e591394ea7aa5b84b25e9e6b44e38773a3289a2db50987b2cf946c100ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:40:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14839
x-xss-protection
0
server
cafe
etag
8993619844746972551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 01:40:45 GMT
8945081907929045437
tpc.googlesyndication.com/simgad/ Frame 1527 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8945081907929045437
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24fda9b8ba968755625a6c65f2e09416c937b16d15197710349b4bbb71db4419
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 05:59:21 GMT
x-content-type-options
nosniff
age
157925
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127294
x-xss-protection
0
last-modified
Tue, 12 Apr 2022 05:50:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 12 Apr 2023 05:59:21 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 1527 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C43aNHX5XYtr7DrTBzAaFuZf4D87Ag89pmN-Ps70Pv-EeEAEg5pfWJWCV4rCCuAegAbKGrvQCyAEDqAMByAPJBKoE1gFP0Hz5bYuXtEQNpAm-kEpA3Q8cr7QIRcDL1xz7nMvAdM1Q2-dB1Gce_0JL_V6Nj9y2xdm1T-_YHz8nDU4XsSPwSD9GimUVLIA2A5AB3W629JXqIIvGuEtSYELDTa7xCziELOGn5oBq3D8bOPEIQePlBo5-mI7sUKiG3mRrSfZQowUy-QONoVJx-q8XD2u4n8klBGUXG3GFFmLte8gB2QrW7LMd58svP8FV-otdo_1rtBixHlRmpP0eMNHNn6TzKOZHHBocI4gwcKRULIdaWDv8lgkXIzy8wASO4IHU7wOSBQQIBBgBkgUECAUYBKAGA4AH38nrjwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAdIICQiA4YAQEAEYAPIIDmJpZGRlci01NjA2Mzg3gAoEyAsB2BMN0BUBgBcBshcICgYIABIAGAA&sigh=H8p_9zPOpJ8&uach_m=[UACH]&pr=10:0.183551&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 14 Apr 2022 01:51:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
8945081907929045437
tpc.googlesyndication.com/simgad/ Frame 4D3C 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8945081907929045437
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24fda9b8ba968755625a6c65f2e09416c937b16d15197710349b4bbb71db4419
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 05:59:21 GMT
x-content-type-options
nosniff
age
157925
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127294
x-xss-protection
0
last-modified
Tue, 12 Apr 2022 05:50:24 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 12 Apr 2023 05:59:21 GMT
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/ Frame 4D3C 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:49:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
103
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9777
x-xss-protection
0
server
cafe
etag
12512753850102923420
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 01:49:43 GMT
window_focus.js
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/ Frame 4D3C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/window_focus.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b59e198c356c79d1ba89670c50cdb7e54181037f277ee106126caf570278bc11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:33:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1079
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1432
x-xss-protection
0
server
cafe
etag
15450667304708860052
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 01:33:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4D3C 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36908
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649677559247379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 01:51:26 GMT
qs_click_protection.js
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/ Frame 4D3C 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/qs_click_protection.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
068e2ad9020fdc590c232b49e3ebbb8b540719796165ad86ab75bb6a7f54bf20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:46:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
299
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7667
x-xss-protection
0
server
cafe
etag
7504708142712926003
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 01:46:27 GMT
one_click_handler_one_afma.js
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/ Frame 4D3C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/one_click_handler_one_afma.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c25e591394ea7aa5b84b25e9e6b44e38773a3289a2db50987b2cf946c100ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:40:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14839
x-xss-protection
0
server
cafe
etag
8993619844746972551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 01:40:45 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 4D3C 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CEtYeHX5XYtWSDM3_zAb9o4PgBs7Ag89pmN-Ps70Pv-EeEAEg5pfWJWCV4rCCuAegAbKGrvQCyAEDqAMByAPJBKoE1gFP0BzQkQ-k02-e87Ni_reSmP-yxqP5J3hzpxSX04aer3sch8vzFLjaq_AAwyaQzjY7xGN8i5wO_bEuS382R7NtCt4gxa9qrcbgOJZ36FPFe9uNPdjsqQu3Iv8DjP1ecomci0QrLzZMTLarRRGQxKApxe7OBUrPq-ZPMHKgs1Sm56rtKVuuMMgFbZ9aRj5t6jKgyfjzuzzx4wLYYrH1YatPAzjGmo9lMJBVIOEMkt9nD9N0UivAKxS5S65HSS7tSGyNuR3Vg1z5v2gaZOUbttIgJFcS0stdwASO4IHU7wOSBQQIBBgBkgUECAUYBKAGA4AH38nrjwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAdIICQiA4YAQEAEYAPIIDmJpZGRlci01NjA2Mzg3gAoEyAsB2BMN0BUBgBcBshcICgYIABIAGAA&sigh=4d2eEs9KdZE&uach_m=[UACH]&pr=10:0.14698&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 14 Apr 2022 01:51:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame F272 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRHi-dsIuUKCIq1mwN7FLDU-qvYwCcx7htFxra0pVzF57sF0cBwK-JpdoePC9_O0AmLUDgvW0REG0wQdPWAQtCKtdsooizWk5d8de3kM1pONQXfKzUDIbJ1HDMBI_WKfBngWliWOEihqO7xtQb543immPtSRBBeuWH36tT8E-Q8jlSQ0IIyPKcGrEuuimqp89g5mqnjRB713wdFweg4emFJKZ_shyQIJmUl8Zz5XfUgv6E3jWzJQ-C5kcjO45gBJtHJs6EPUYMoAm6OfHZems_a13L746p1h4gJW-nUgi1JXMMEGQC4XyhZhZ9wAgHsSLVahRhWLgn6LR2FnFjRxqaUCtEAXmbQEshboJD3Q&sig=Cg0ArKJSzMYaT_Hibj0tEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 14 Apr 2022 01:51:26 GMT
truncated
/ Frame F272 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6a357f767eded1d33facf42c6d087bc2e55f5e8d4c007581b8e306f0a02f66f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 22C4 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
92db40d16cb8ca6e243d000bc0a2f249aeb503b3109c6ea0d5892f531204c078

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42073
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9542
Expires
Thu, 14 Apr 2022 13:32:39 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://revistaquem.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://revistaquem.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:26 GMT
server
nginx
t
t.lkqd.net/ Frame ED86 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:26 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid_a98f4fbf.js
vpaid.springserve.com/production/ Frame 48F2 		501 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:aa00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8323dcd0d6c7d37f497b52f8a3fe466c47557e24a4a2298fd6dfe45d95e1131

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:20:35 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 14:13:06 GMT
server
AmazonS3
age
473452
etag
W/"6b701f638e0fd2494eaafda977ef4c92"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
oShuL3ZLBKJkodnGUqXGFLDGeVsTg_FtMcudCI9xueIGqQFknKZUjQ==
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/gif
vevent
fra1-ib.adnxs.com/ Frame F272 		0
843 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Frevistaquem.globo.com%2F&e=wqT_3QKNBvBMDQMAAAMA1gAFAQid_N2SBhDB6-vyu63uuXcY-MTAjN7IqfVqKjYJqfV-ox03wD8Rde-XBcnxuT8ZAAAAYLge9T8hde-XBcnxuT8pqfUJJAAxARvAj8LFPzCh6cgKONZEQOUeSGVQraLLJVjOgZUBYABoiZSwAXiL1gWAAQGKAQNVU0SSAQEG9BMCmAHKB6AB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAovkReoCHmh0dHBzOi8vcmV2aXN0YXF1ZW0uZ2xvYm8uY29tL4ADAIgDAZADAJgDF6ADAaoD6gEKvwFodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9nZW5fMjA0P2lkPWF3YmlkJmF3YmlkX2I9QUtBbWYtQ3lCMXJ6S3ZsX1dlOWVmVGptNWY5ODUyZUpkTm5odU5RUzVTZnUtb1BaTTJtNmVDdXJheWNZdjhNVW9NZUpvUlM3elRfdTRNSmNiNDRqV01rOXlydHdPMUlnQmcmcHI9MTA6JHtBVUNUSU9OX1BSSUNFfRoTODYwNzQyNzE4NTI0MTQyMTI0OSIINzg4Mjc4MjEqBDM5NDE6ATDAA6wCyAMA2AP7oU3gAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMjE3LjY0LjE1MS42OKgEALIEEAgAEAEYygcg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAEraLLJYgFAZgFAKAF9aKrpKCx5Mw4wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAF1cMs-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAAAAAAAAlAoBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDEzMzA1MTc0MDE3NLoHDwgAASlEIAAwADi-BkAAyAeL1gXSBw0JCUUAAAVHCNoHBgknROAHAOoHAggA8AfDmwGKCAIQAA..&s=efa60326e117c07e96fca0ce9240082fa43392dd&type=nv&nvt=5&jm=1003&px=315&py=6175&bw=970&bh=250&sid=5238216261813256364&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22164641&sw=1600&sh=1200&pw=1600&ph=7142&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:26 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7334b305-2f19-49f0-8e0c-12ff5a966a9c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
taboola-supply-partners.tremorhub.com/ Frame 8E62 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7aAgCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBuIHGzhcMDa7FWkwWq6Wg91utBgtJ6PlYjPbDWEDhwvGZrciDUbL1XKw220Wy-FiNFqMZqMpZAjL7PcdhHy3y_DwuQyiouttsTucZs8bPNB0Onyue73kZXt6Tg_H6-W268x-i9-u8bv9cgAAAAB4APDyOIL4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABIWIvRAIDiKBDLw-vyBwDAwwMIAIAABgmAQeZRCYCJYcMJAAAAAAAAAADL____f8xAvWaczID-9kUPwIMPwANRgXIRIwAAAIBsoEuio0mdUFlUAQAQpFsBXAEABACWEIdGhAEAAACIsYdG5--R5gqOLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKGqKPa0oANXCrVfQACAtV9AAAC2cQMAeBOACzkPNJ0On-teL3nZnp7Tw_F6ue06s9_it2v8br_oAmB1CrEbzga7yWK3mB0AAADA3f___z8ee2h0_h5prqAeyM08nsHG5DDtZqaJw2JbbQwL48Q28Zgmw91y49we_k-pvPDl505fhrDMft9ByHe7DA-fyyAqut4Wu8Np9txvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgMMCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJiYTEyWlcey1q12i7VotrCslRvDbK0wToazyWI181gmbtHrY3quFoPNcuJFwYCNvQgu0onK5DT9LQ-f2W_xuyUv29NzejheL7dFLNGcLNKJ7LLvzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3DcmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznPgbs9FyOVgMhqN9YzZaLgeLwXC07zCZnqnP2ej6m1MemeblOm4bNodB4TIYvT-JaTHtzg6i3-_otBmGyaLOKLx1j16DwnPwmCbKlFhn7cuExeRV4TgYFLFEcLpIJ0K_22URSyRPi3SiGk4Ws9Vu5PDNnIPJYjnxbQyj3WqyGQ02o4nLMRFLlKaLdKKXqP_YIIvdXDaaK1aLuWy4SgAAAAAAAAAAS5gzbwIAAABwGtBmMlqtlgsg8TepCwwCAAAAAACwe2oAW2KK9adf3PgxRpmcpr_l4TP7LX635GV7ek4Px-vltjKAhJso82bPBLFWq2UNAABAgA0AABDArZu3QNNKDg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:6e00:7b23:6545:3513 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 8E62 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7aAgCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBuIHGzhcMDa7FWkwWq6Wg91utBgtJ6PlYjPbDWEDhwvGZrciDUbL1XKw220Wy-FiNFqMZqMpZAjL7PcdhHy3y_DwuQyiouttsTucZs8bPNB0Onyue73kZXt6Tg_H6-W268x-i9-u8bv9cgAAAAB4APDyOIL4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABIWIvRAIDiKBDLw-vyBwDAwwMIAIAABgmAQeZRCYCJYcMJAAAAAAAAAADL____f8xAvWaczID-9kUPwIMPwANRgXIRIwAAAIBsoEuio0mdUFlUAQAQpFsBXAEABACWEIdGhAEAAACIsYdG5--R5gqOLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKGqKPa0oANXCrVfQACAtV9AAAC2cQMAeBOACzkPNJ0On-teL3nZnp7Tw_F6ue06s9_it2v8br_oAmB1CrEbzga7yWK3mB0AAADA3f___z8ee2h0_h5prqAeyM08nsHG5DDtZqaJw2JbbQwL48Q28Zgmw91y49we_k-pvPDl505fhrDMft9ByHe7DA-fyyAqut4Wu8Np9txvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgMMCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJiYTEyWlcey1q12i7VotrCslRvDbK0wToazyWI181gmbtHrY3quFoPNcuJFwYCNvQgu0onK5DT9LQ-f2W_xuyUv29NzejheL7dFLNGcLNKJ7LLvzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3DcmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznPgbs9FyOVgMhqN9YzZaLgeLwXC07zCZnqnP2ej6m1MemeblOm4bNodB4TIYvT-JaTHtzg6i3-_otBmGyaLOKLx1j16DwnPwmCbKlFhn7cuExeRV4TgYFLFEcLpIJ0K_22URSyRPi3SiGk4Ws9Vu5PDNnIPJYjnxbQyj3WqyGQ02o4nLMRFLlKaLdKKXqP_YIIvdXDaaK1aLuWy4SgAAAAAAAAAAS5gzbwIAAABwGtBmMlqtlgsg8TepCwwCAAAAAACwe2oAW2KK9adf3PgxRpmcpr_l4TP7LX635GV7ek4Px-vltjKAhJso82bPBLFWq2UNAABAgA0AABDArZu3QNNKDg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 8E62
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=64f7e13e-bb95-11ec-9ac0-1189f5600506&orig=video&us_privacy=1---gdpr=1&
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=64f7e13e-bb95-11ec-9ac0-1189f5600506&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7aAgCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBuIHGzhcMDa7FWkwWq6Wg91utBgtJ6PlYjPbDWEDhwvGZrciDUbL1XKw220Wy-FiNFqMZqMpZAjL7PcdhHy3y_DwuQyiouttsTucZs8bPNB0Onyue73kZXt6Tg_H6-W268x-i9-u8bv9cgAAAAB4APDyOIL4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABIWIvRAIDiKBDLw-vyBwDAwwMIAIAABgmAQeZRCYCJYcMJAAAAAAAAAADL____f8xAvWaczID-9kUPwIMPwANRgXIRIwAAAIBsoEuio0mdUFlUAQAQpFsBXAEABACWEIdGhAEAAACIsYdG5--R5gqOLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKGqKPa0oANXCrVfQACAtV9AAAC2cQMAeBOACzkPNJ0On-teL3nZnp7Tw_F6ue06s9_it2v8br_oAmB1CrEbzga7yWK3mB0AAADA3f___z8ee2h0_h5prqAeyM08nsHG5DDtZqaJw2JbbQwL48Q28Zgmw91y49we_k-pvPDl505fhrDMft9ByHe7DA-fyyAqut4Wu8Np9txvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgMMCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJiYTEyWlcey1q12i7VotrCslRvDbK0wToazyWI181gmbtHrY3quFoPNcuJFwYCNvQgu0onK5DT9LQ-f2W_xuyUv29NzejheL7dFLNGcLNKJ7LLvzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3DcmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznPgbs9FyOVgMhqN9YzZaLgeLwXC07zCZnqnP2ej6m1MemeblOm4bNodB4TIYvT-JaTHtzg6i3-_otBmGyaLOKLx1j16DwnPwmCbKlFhn7cuExeRV4TgYFLFEcLpIJ0K_22URSyRPi3SiGk4Ws9Vu5PDNnIPJYjnxbQyj3WqyGQ02o4nLMRFLlKaLdKKXqP_YIIvdXDaaK1aLuWy4SgAAAAAAAAAAS5gzbwIAAABwGtBmMlqtlgsg8TepCwwCAAAAAACwe2oAW2KK9adf3PgxRpmcpr_l4TP7LX635GV7ek4Px-vltjKAhJso82bPBLFWq2UNAABAgA0AABDArZu3QNNKDg!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:27 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
16148

Redirect headers

Date
Thu, 14 Apr 2022 01:51:26 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=64f7e13e-bb95-11ec-9ac0-1189f5600506&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
99
Connection
keep-alive
Content-Length
0
LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
pagead2.googlesyndication.com/bg/ Frame 7F83 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 01:46:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
86667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13643
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Apr 2023 01:46:59 GMT
LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
pagead2.googlesyndication.com/bg/ Frame 3CD4 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 01:46:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
86667
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13643
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Apr 2023 01:46:59 GMT
async_usersync
ib.adnxs.com/ Frame 0CD0 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=8790&pub_id=1980867&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8790&pub_id=1980867
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:26 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
04e186a6-231e-4090-abf1-af5e83408d65
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t
t.lkqd.net/ Frame ED86 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:26 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://revistaquem.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://revistaquem.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:26 GMT
server
nginx
adfetch
googleads.g.doubleclick.net/pagead/ Frame A39A 		80 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adfetch
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6ef19bd8f7eb1c61859b76b528ce2e03495ae0c293e9a23840f9a04cc05e163
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31825
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4A50 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2693
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:06:33 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8D07 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2693
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:06:33 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
sync.php
pixel.rubiconproject.com/exchange/ Frame 22C4 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=15414&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---&khaos=L1YCI8FD-1G-5SWN
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif
467226423720066
connect.facebook.net/signals/config/ 		308 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/467226423720066?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
13bd93e14e6db23c4cb0098c88232e98676a48e199d720fc05495c36bd684d19
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89515
x-xss-protection
0
pragma
public
x-fb-debug
7tv4dC+M4R3y5+bSVedcjPaE1slFnYIeb/W/VytFawYcSlz4YSlF631Cm/tgEXTso5bVojFEsjvheWiHb8tS6w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 14 Apr 2022 01:51:26 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
CreativeDisplayer
impr.taboola.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://impr.taboola.com/CreativeDisplayer?adId=6635765&excid=22
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.8.8/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2c3bb77fbe888144bdf57c9a96903009b892afddc389ebd171bf17164eca89f4

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
via
1.1 varnish
server
nginx
x-timer
S1649901087.861638,VS0,VE9
x-served-by
cache-hhn4070-HHN
x-cache
MISS
access-control-allow-origin
https://revistaquem.globo.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=8225217&_fw_gdpr=1&schain=1.0,1!taboola.com,1212307,1,749036275&_fw_us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.8.8/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:26 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1649901086625026-600
Expires
Thu, 14 Apr 2022 01:51:26 GMT
14278895
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/14278895?_fw_gdpr=1&schain=1.0,1!taboola.com,1212307,1,749036275&_fw_us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.8.8/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f26d481f726d1a1cb156034379c44db699aa35dbeb7fe8aa31bf42722c65774f

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:26 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1174
x-sticky-vk
1649901086585024-589
Expires
Thu, 14 Apr 2022 01:51:26 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D950 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041201&jk=2499927362386776&rc=
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
pixel.gif
beacon.krxd.net/ 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/pixel.gif?source=smarttag&fired=user_data_timeout&confid=sexqhznbn&_kpid=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&_kcp_s=Infoglobo&_kcp_d=revistaquem.globo.com&_knifr=21&_kua_kx_tz=0&geo_country=de&geo_region=th&geo_dma=276008&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_whistle=1&_kua_glbdt_utype=anonymous&_kua_dmp_globo_id=1031689782149728999&_kua_kx_tech_browser=Chrome%2010&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=de&_kua_kx_geo_region=th&_kua_kx_geo_dma=276008&_kpa_meta_keywordsDELIM=%2C&_kpa_kx_context_terms=Nu7TTdqe%3A1%2CNu7TTsC3%3A1%2CNu7TT62z%3A1%2CNu7TUrCU%3A2%2CNu7TUPlV%3A1%2CNu7TXc5X%3A1&_kpa_meta_keywords=celebridade%20da%20semana%2C%20famoso%20da%20semana%2C%20celebridades%20QUEM%2C%20famosos%20QUEM%2C%20festa%20das%20celebridades%2C%20novo%20visual%20das%20celebridades%2C%20novo%20visual%20dos%20famosos%2C%20entrevistas%2C%20vida%20dos%20famosos&_kpa_title=QUEM%20-%20Fotos%2C%20not%C3%ADcias%2C%20comportamento%20e%20flagras%20dos%20famosos%20e%20celebridades&_kpa_full_path=revistaquem.globo.com%2F&_kpa_subdomain=revistaquem&_kpa_domain=globo&_kpa_utag_editoria=home&_kpa_utag_page_type=home&_kpa_utag_produto=Quem&_kpa_browser_name=Chrome&t_navigation_type=0&t_dns=0&t_tcp=475&t_http_request=-1&t_http_response=232&t_content_ready=3362&t_window_load=0&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=xbmbutg04&userdata_user=OxuwUuDm%2Cxbmbutg04&sview=1&kplt0=19929&kplt1=19930&kplt2=19936&kplt3=27202&kplt4=30153&kplt5=32767&kplt6=35254&kplt7=38352&kplt8=38515&kplt9=43900&kplt11=46183&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5007d44e-09d1-49b7-8c99-6b1cc38c3cbc%2C320%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C362%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C388%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5007d44e-09d1-49b7-8c99-6b1cc38c3cbc%2C307
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
cache-control
private, no-cache, no-store
x-request-time
D=69 t=1649901086
x-served-by
beacon-n012-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
2b648daf-68d2-482b-988b-6f865a09e2c9
https://revistaquem.globo.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://revistaquem.globo.com/2b648daf-68d2-482b-988b-6f865a09e2c9
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
https://revistaquem.globo.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
966a06a5-efd5-4649-8151-90454dd2fc05
https://revistaquem.globo.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://revistaquem.globo.com/966a06a5-efd5-4649-8151-90454dd2fc05
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
https://revistaquem.globo.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
truncated
/ Frame 1527 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c05c3fa694b94cbf9791360818624943ba8a00022799852e3ceca61ef50c1ca3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4D3C 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3781f0a3009791ef9628c3b02189c39582b1b49923a876bb39f1799383a5589e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/ Frame A39A 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:49:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
103
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9777
x-xss-protection
0
server
cafe
etag
12512753850102923420
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 01:49:43 GMT
window_focus.js
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/ Frame A39A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/window_focus.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b59e198c356c79d1ba89670c50cdb7e54181037f277ee106126caf570278bc11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:33:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1079
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1432
x-xss-protection
0
server
cafe
etag
15450667304708860052
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 01:33:27 GMT
qs_click_protection.js
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/ Frame A39A 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/qs_click_protection.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
068e2ad9020fdc590c232b49e3ebbb8b540719796165ad86ab75bb6a7f54bf20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:46:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
299
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7667
x-xss-protection
0
server
cafe
etag
7504708142712926003
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 01:46:27 GMT
l
www.google.com/ads/measurement/ Frame A39A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1-T2wXuz385mxDYqxFMKhTRW_BlKfBN86CEo3Wy1rvchHKa8ejDv5zapsAo3pw-BVFfQsY8CZPeOnh6WIFCQUY2nDDg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A39A 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36908
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649677559247379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 01:51:26 GMT
one_click_handler_one_afma.js
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/ Frame A39A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/one_click_handler_one_afma.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6c25e591394ea7aa5b84b25e9e6b44e38773a3289a2db50987b2cf946c100ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:40:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
641
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14839
x-xss-protection
0
server
cafe
etag
8993619844746972551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 28 Apr 2022 01:40:45 GMT
14211256117973657548
tpc.googlesyndication.com/simgad/ Frame A39A 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14211256117973657548?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkMWCJY1Eh5rBJAFqMq7TpxxEcNCQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ca3dbab0cafa8d4dbebec0f905a17999e8c822a435692a0e7cd6d7cc44a4b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 06:48:48 GMT
x-content-type-options
nosniff
age
68558
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89231
x-xss-protection
0
last-modified
Wed, 13 Apr 2022 06:41:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 13 Apr 2023 06:48:48 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A39A 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CFmYPHX5XYvvCEYylzAat7oSAA87Ag89p1oP_gOYPv-EeEAEg5pfWJWCV4rCCuAegAbKGrvQCyAECqAMByAPJBKoE2QFP0Bda-aibm9z5JPQ-W7eCJK01yxXk-tFptHSHGs2zp3EdT_vcUenkcpjiBt9vu3sM0ApmC-TxqA3RdPlzs8gPVlPaUiziD4pCyuMf8zNWjJsKdVHbF8kXQgByJpSry-vEH_jND7w0CyJdS9bTOH132cRX7EpfjumeljuwKIA1Lb_9Ch926TiYQZqSoFQ4t_JGvlukuvJ3qoB_lo6Xzxk2atCDjvcc4ZbCGGpDcPhfdBffxrWEChPJHQ6VNiOireG8Btp7qKsaxTy32aTxLXcyfTUvd2-t1D2IwASO4IHU7wOSBQQIBBgBkgUECAUYBKAGAoAH38nrjwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAdIICQiA4YAQEAEYAPIIDmJpZGRlci01NjA2Mzg3gAoEyAsB2BMN0BUBgBcBshcICgYIABIAGAA&sigh=2DBcvnrNBLQ&uach_m=[UACH]&pr=10:0.126682&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 14 Apr 2022 01:51:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 22C4
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Server
52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
HHVF546RRWZ1KE7SK41Z
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
70P0NRWV0WQ85ZJ9F03V
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 22C4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1YCI8FD-1G-5SWN&gdpr=1&us_privacy=1---
0
924 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1YCI8FD-1G-5SWN&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:27 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 544DEFD5D9054881A98EE593807BF9E6 Ref B: FRAEDGE0822 Ref C: 2022-04-14T01:51:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-proto
http/2
content-length
0
x-li-uuid
AAXck4g3BKy+17kKYbgmjw==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1YCI8FD-1G-5SWN&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 22C4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGQxZDQ1ZmExOTEwNGI4YWFiZWIyMjZjM2EzMDIzYWRjYTgwODliNA&gdpr=1&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGQxZDQ1ZmExOTEwNGI4YWFiZWIyMjZjM2EzMDIzYWRjYTgwODliNA&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGQxZDQ1ZmExOTEwNGI4YWFiZWIyMjZjM2EzMDIzYWRjYTgwODliNA&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 22C4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=1&us_privacy=1---
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1YCI8FD-1G-5SWN&sigv=1&esig=2~83c93ace3e92697b8a33fe309a99144f306c4668&gdpr=1&us_privacy=1---
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1YCI8FD-1G-5SWN&sigv=1&esig=2~83c93ace3e92697b8a33fe309a99144f306c4668&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
H2
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:27 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1YCI8FD-1G-5SWN&sigv=1&esig=2~83c93ace3e92697b8a33fe309a99144f306c4668&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 22C4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/yhxfMXlD_zf4McEzGgl0Fcn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1984157158644672342
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1984157158644672342
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

date
Thu, 14 Apr 2022 01:51:27 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1984157158644672342
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 22C4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFZQ0k4RkQtMUctNVNXTg==&gdpr=1&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFZQ0k4RkQtMUctNVNXTg==&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFZQ0k4RkQtMUctNVNXTg==&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 22C4 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 22C4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEPahVA6cIjG4Q9Mc2bkpvgI&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEPahVA6cIjG4Q9Mc2bkpvgI&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:27 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEPahVA6cIjG4Q9Mc2bkpvgI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220413-5-RELEASE.es5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
Q93sCEWoqxiO0LdTLulEOAOmIgRcHF1L
content-encoding
gzip
etag
"8cbcf8a5c724c32aa9be09d14a4c624d"
age
3073
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
923
x-amz-id-2
eBvA3Cn7Vmi0RQPvR7kaz9zs14aMYgzx2uA7jWWQOie8bh08mSXjXMH6nljkG1Q4xYusyg4kNp0=
x-served-by
cache-hhn4039-HHN
last-modified
Tue, 05 Apr 2022 10:34:30 GMT
server
AmazonS3
x-timer
S1649901087.008902,VS0,VE0
date
Thu, 14 Apr 2022 01:51:27 GMT
vary
Accept-Encoding
x-amz-request-id
81KT1GAWAE081RQZ
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
62
x-cache-hits
974
ifs.js
cdn.taboola.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/ifs.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220413-5-RELEASE.es5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b60f0afd32ef170a025452d6fbaad529ff4c0da0c70aea2cead0bf7d5fc40fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
3YN_ofBHSe02JF2BZQMHXRRXRwh5FMw.
content-encoding
gzip
etag
"9cc73860125e9987a0bd0ec9781b386d"
age
28024
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
870
x-amz-id-2
eUDQSWVay699o/uKvk4jE1gCXLJu+MzyygYCzVRd8OgBySmgs4apPMQcxIbKzKkkpQfF/p/igBg=
x-served-by
cache-hhn4039-HHN
last-modified
Tue, 05 Apr 2022 10:34:32 GMT
server
AmazonS3
x-timer
S1649901087.008967,VS0,VE0
date
Thu, 14 Apr 2022 01:51:27 GMT
vary
Accept-Encoding
x-amz-request-id
D3733K215P5TQRFJ
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
62
x-cache-hits
2242
eid.js
cdn.taboola.com/scripts/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220413-5-RELEASE.es5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b0b5da7e151ac3827a6b8f13fd19967fd4404ae45fa3eaca80adeabf35808c9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id
53OKvw2BQarIq1DW0RF8XLcp_dkKr3oX
content-encoding
gzip
etag
"4574ed3f43bc468d4dc39dc39e86297d"
age
7831
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5298
x-amz-id-2
XEesAgezm8waO2ezFQxspnwwFZU0hmhbKX4/WIevW1IstnLbRypgemH5EwVHwTsFHgBp7Nz/B3k=
x-served-by
cache-hhn4039-HHN
last-modified
Tue, 05 Apr 2022 10:34:31 GMT
server
AmazonS3
x-timer
S1649901087.009016,VS0,VE0
date
Thu, 14 Apr 2022 01:51:27 GMT
vary
Accept-Encoding
x-amz-request-id
XJJ3B96FZT0D5SZ0
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
62
x-cache-hits
1950
LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
pagead2.googlesyndication.com/bg/ Frame 4B95 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 01:46:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
86668
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13643
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Apr 2023 01:46:59 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 48F2 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4a47497fff81c9bdf3552f3e83a3bda9c4e79e82d426e92e2c1134318fa04b68
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:27 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c1c8a511-4d0c-462f-9864-0fdd51edd52e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
moatvideo.js
z.moatads.com/taboolajsvideo2446883476/ 		347 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/taboolajsvideo2446883476/moatvideo.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.8.8/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3bdaf6133ae7de97fb03c6261445580d9868ce51d260bda0bfe71024c03dd790

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:27 GMT
content-encoding
gzip
last-modified
Thu, 24 Mar 2022 16:09:27 GMT
server
AmazonS3
x-amz-request-id
C606BJQXXP8SWGBZ
etag
"25dd56c7fb272cda62b2fc58141098b3"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=34644
accept-ranges
bytes
content-length
114933
x-amz-id-2
4ekxBZol6bAW+Mib6Y5ckh6dIlFMBPJYgVREr4HAB04MQGBZegUgUh9pqwQEekdjeGrVTyvgKLM=
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=467226423720066&ev=PageView&dl=https%3A%2F%2Frevistaquem.globo.com%2F&rl=&if=false&ts=1649901088608&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1649901084815.1599294466&it=1649901084676&coo=false&rqm=GET
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:27 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 14 Apr 2022 01:51:27 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 74C7 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2694
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:06:33 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 0D34 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjste_butAs85vF4tGCc7c0KYVFDa7nHWYAVeuqH9XDIbmjp-T4CoOONqhgPGloK4ttA_bttEKfYhbYWYR2L8YkLymxwG9AtKQFQmmaPHRCqNRh_azl3r&sig=Cg0ArKJSzLoTRe0ICh4PEAE&id=lidar2&mcvt=1058&p=179,315,269,1285&mtos=1058,1058,1058,1058,1058&tos=1058,0,0,0,0&v=20220411&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=4149626038&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649901086550&rpt=999&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7D4D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss__6CgLb4FWmBEJ3Y4asUBC32H7NggVeROvbpeFBvE9EN3jLzY3E18ZRSGIHzrakvHQU4F7ecY1eQDMH_iJEYaMPaS5m-yO3v8B6Km18ruZZI1PSpu&sig=Cg0ArKJSzMkcZBKcJ5tTEAE&id=lidar2&mcvt=1060&p=1137,315,1227,1285&mtos=0,0,1060,1060,1060&tos=0,0,1060,0,0&v=20220411&bin=7&avms=nio&bs=0,0&mc=0.7&if=1&app=0&itpl=30&adk=956500058&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649901086539&rpt=1004&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 91B2 		337 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.8.8/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
6f0a26c236d11ec79660cb5546d7377a67bad88d2c9b607d2f4a54e2c8b1f440

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jan 2022 13:58:10 GMT
ETag
"1643119090"
X-HW
1649901087.dop056.fr8.t,1649901087.cds041.fr8.shn,1649901087.cds041.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
116304
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 48F2 		985 B
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
70978628a17946d144aaab5ff3dcfb84eccc155be63f30515ba2200428ec2d6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:27 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23df-5d77a515ac2dc"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://revistaquem.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
608
expires
Thu, 14 Apr 2022 01:51:27 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4A50
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:27 GMT
expires
Thu, 14 Apr 2022 01:51:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:27 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
pagead2.googlesyndication.com/bg/ Frame D541 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 01:46:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
86668
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13643
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Apr 2023 01:46:59 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8D07
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:27 GMT
expires
Thu, 14 Apr 2022 01:51:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:27 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
pagead2.googlesyndication.com/bg/ Frame 2F3D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 01:46:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
86668
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13643
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Apr 2023 01:46:59 GMT
nan6jiowovjgfvzaw2jo_DESKTOP.mp4
vidstat.taboola.com/uploadedVideos/233155/ 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/uploadedVideos/233155/nan6jiowovjgfvzaw2jo_DESKTOP.mp4
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://revistaquem.globo.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 14 Apr 2022 01:51:27 GMT
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront), 1.1 varnish
age
584020
x-cache
Miss from cloudfront, HIT
Content-Range
bytes 0-4972879/4972880
x-amz-meta-md5-hash
7434085b808bd3ae1aa5ebc8188806b4
Content-Length
4972880
x-served-by
cache-hhn4039-HHN
last-modified
Thu, 07 Apr 2022 07:34:40 GMT
server
AmazonS3
x-timer
S1649901087.214217,VS0,VE0
etag
"7434085b808bd3ae1aa5ebc8188806b4"
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
CoRoum9nVEVOMBlKu18ehJV5ad-LvIJr-hiccS97fNs_F1MOScmHZw==
x-cache-hits
0
/
pips.taboola.com/ 		4 B
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:27 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-hhn4071-HHN
access-control-allow-methods
GET
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
truncated
/ Frame A39A 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29148f34ac30bb336922b3e8d0300a0acd45fbdefd3fc71451de441a1fdbc1de

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 34D7 		154 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
40aaf0eb0de13818be02702077190a882dac4618d58d16646ad8a056423b788c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:27 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 09:04:51 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-266bf-5dc715a7e7371"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36738
/
cds.taboola.com/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=12bd2ec2-7571-46a2-9c06-a8286215fc2b-tuct951039b
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 14 Apr 2022 01:51:27 GMT
Cache-Control
no-store
Server
nginx
Connection
close
/
tsdtocl.com/ Frame 59D5 		786 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tsdtocl.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/ifs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c30f0f816ada3a1410045d740a98e4d2faf07fc74ffc0430678b21abbd05138

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
530
content-length
786
content-type
text/html
date
Thu, 14 Apr 2022 01:51:27 GMT
etag
"fb5a4594b9ffef704d61bb6e6f80f145"
last-modified
Wed, 05 Jan 2022 19:36:57 GMT
server
AmazonS3
via
1.1 varnish
x-amz-id-2
i1HKrXND+e1xjHZ+Oy84pMYw+QBZ6Xpm6YOUedHWl8eTyY/6imrOJYDygZa0zLD1FGO9VjG9Qwc=
x-amz-replication-status
COMPLETED
x-amz-request-id
54FC52FE541XB761
x-amz-version-id
Qk4nobcRRphLiqVWi0NeSs0dand8kap0
x-cache
HIT
x-cache-hits
106
x-served-by
cache-hhn4028-HHN
x-timer
S1649901087.337149,VS0,VE0
n.js
geo.moatads.com/ 		112 B
287 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B987jmPgh_%3CXT%23Vyt9.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-FHF%2B%2BNkZmbnPYElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-lWWj2Zz1Kg7M0g%3D%3D&sc=1&os=1-Uw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=5lwJ2%2BCILR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TABOOLAJSVIDEO1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=7&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1649901088839&de=187372091981&m=0&ar=9f397fe3151-clean&iw=2aaf67f&q=2&cb=0&ym=0&cu=1649901088839&ll=2&lm=0&ln=0&r=0&em=0&en=0&d=WIDGET_ITEM%3A203735%3A67124805%3Arevistaquem.globo.com&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Frevistaquem.globo.com%2F&id=1&ii=4&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F233155%2Fnan6jiowovjgfvzaw2jo_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=globo.com&zMoatSubdomain=revistaquem.globo.com&gw=taboolajsvideo2446883476&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A3301%3A3301%3A0%3A3362&jm=-1&fs=197724&na=2009414544&cs=0&ord=1649901088839&jv=1955527560&callback=DOMlessLLDcallback_56834929
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/taboolajsvideo2446883476/moatvideo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.135.183.184 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-135-183-184.eu-west-2.compute.amazonaws.com
Software
TornadoServer/5.1.1 /
Resource Hash
818f601c24ffd6fb177d3b472a8e1e3506df22201b663a53926cbc2e9850aac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:27 GMT
cache-control
max-age=900
server
TornadoServer/5.1.1
timing-allow-origin
*
etag
"21ef43ffb9e26f8dca6bb9d600866af0be489746"
content-length
112
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TABOOLAJSVIDEO1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=7&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1649901088839&de=187372091981&m=0&ar=9f397fe3151-clean&iw=2aaf67f&q=3&cb=0&ym=0&cu=1649901088839&ll=2&lm=0&ln=0&r=0&em=0&en=0&d=WIDGET_ITEM%3A203735%3A67124805%3Arevistaquem.globo.com&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Frevistaquem.globo.com%2F&id=1&ii=4&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F233155%2Fnan6jiowovjgfvzaw2jo_DESKTOP.mp4&zMoatOrigSlicer2=N%2FA&zMoatDomain=globo.com&zMoatSubdomain=revistaquem.globo.com&gw=taboolajsvideo2446883476&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A3301%3A3301%3A0%3A3362&jm=-1&fs=197724&na=383829081&cs=0
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:27 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 14 Apr 2022 01:51:27 GMT
async_usersync
ib.adnxs.com/ Frame 12D8 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=8790&pub_id=1980867&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8790&pub_id=1980867
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:27 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fc08ac7c-3c7e-4fb8-aa07-41f14f331de6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2BA7 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=8790&pub_id=1980867&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8790&pub_id=1980867
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:27 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8488bf28-f122-4314-981f-31b7a390880a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 74C7
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:27 GMT
expires
Thu, 14 Apr 2022 01:51:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:27 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
pagead2.googlesyndication.com/bg/ Frame 6098 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 01:46:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
86668
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13643
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Apr 2023 01:46:59 GMT
wl
t.pubmatic.com/ Frame 37CB 		17 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=157163
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:27 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=467226423720066&ev=Microdata&dl=https%3A%2F%2Frevistaquem.globo.com%2F&rl=&if=false&ts=1649901089179&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20QUEM%20-%20Fotos%2C%20not%C3%ADcias%2C%20comportamento%20e%20flagras%20dos%20famosos%20e%20celebridades%22%2C%22meta%3Adescription%22%3A%22Confira%20not%C3%ADcias%20sobre%20os%20famosos%20e%20celebridades%20do%20Brasil%20e%20do%20mundo.%20Veja%20fotos%20e%20flagra%20dos%20eventos%20mais%20badalados%20e%20tudo%20o%20que%20voc%C3%AA%20sempre%20quis%20saber%20dos%20artistas%20aqui%20na%20QUEM%22%2C%22meta%3Akeywords%22%3A%22celebridade%20da%20semana%2C%20famoso%20da%20semana%2C%20celebridades%20QUEM%2C%20famosos%20QUEM%2C%20festa%20das%20celebridades%2C%20novo%20visual%20das%20celebridades%2C%20novo%20visual%20dos%20famosos%2C%20entrevistas%2C%20vida%20dos%20famosos%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fs3.glbimg.com%2Fv1%2FAUTH_6fe2c04fd96b44a3802fd18cbc408596%2Fassets%2Fthemes%2Frevistaquem%2Fmedia%2Fog-image-quem_8fda4aabb9.png%22%2C%22og%3Adescription%22%3A%22Confira%20not%C3%ADcias%20sobre%20os%20famosos%20e%20celebridades%20do%20Brasil%20e%20do%20mundo.%20Veja%20fotos%20e%20flagra%20dos%20eventos%20mais%20badalados%20e%20tudo%20o%20que%20voc%C3%AA%20sempre%20quis%20saber%20dos%20artistas%20aqui%20na%20QUEM%22%2C%22og%3Atitle%22%3A%22%20QUEM%20-%20Fotos%2C%20not%C3%ADcias%2C%20comportamento%20e%20flagras%20dos%20famosos%20e%20celebridades%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1649901084815.1599294466&it=1649901084676&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:27 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Thu, 14 Apr 2022 01:51:27 GMT
wl
t.pubmatic.com/ Frame AC7B 		17 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=157163
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:27 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
generate_204
tpc.googlesyndication.com/ Frame 3CD4 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?jTeFwA
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 5BE7 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=81768
content-encoding
gzip
content-length
13941
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:27 GMT
etag
"1302647-96a7-5da3b2ade946f"
expires
Fri, 15 Apr 2022 00:34:15 GMT
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 34D7 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:27 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96a7-5da3b2ade946f"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=81768
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13941
expires
Fri, 15 Apr 2022 00:34:15 GMT
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 91B2 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1649901089227
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:27 GMT
Last-Modified
Wed, 13 Apr 2022 15:20:32 GMT
ETag
"1649863232"
X-HW
1649901087.dop007.fr8.t,1649901087.cds245.fr8.shn,1649901087.cds245.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
bridge
cm.adgrx.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=fb34cb2417d25acb7244d935c25498b5&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l04bc_7086271210300826826
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=f05f460c-7c71-4add-85b4-6d93ed1e951a
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZmIzNGNiMjQxN2QyNWFjYjcyNDRkOTM1YzI1NDk4YjU=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEIHeP4G9b2LIlWyZfkN2b-I&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAGF807ErvwAADYzwFHJ6A&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/fb34cb2417d25acb7244d935c25498b5?gdpr=0&gdpr_consent=&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Pgjvf3VE2oObjA2uh.vd68ZR0oXyxvU_cDJHcUOb~A
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=N1yNz4lE1NEODS5
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
HTTP/1.1
Server
72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:28 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-4
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:28 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1649901087814074-603
Expires
Thu, 14 Apr 2022 01:51:28 GMT
generate_204
tpc.googlesyndication.com/ Frame 7F83 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?xRVp0g
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
ads.stickyadstv.com/additional-scripts/ Frame 91B2 		301 B
863 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=14278895&loc=https%3A%2F%2Frevistaquem.globo.com%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:27 GMT
Server
nginx
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1649901087065075-508
Expires
Thu, 14 Apr 2022 01:51:27 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 91B2 		67 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=14278895&_fw_gdpr=1&_fw_us_privacy=1---&schain=1.0%2C1!taboola.com%2C1212307%2C1%2C749036275&vav=6458e7edfe109b95728a30c0a444f49c&vaviv=4024b779fb6329011e044d1bc3203c0f&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.3.1&focus=true&componentId=vpaid-adapter&loc=https%3A%2F%2Frevistaquem.globo.com%2F&playerSize=619x348&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash

Request headers

Accept
application/xml, text/xml
Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:27 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1649901086898094-532
Expires
Thu, 14 Apr 2022 01:51:27 GMT
async_usersync
ib.adnxs.com/ Frame 0CD0 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=8790&pub_id=1980867&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8790&pub_id=1980867
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:27 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
487f1b11-7beb-4fdf-a36a-d8730f421565
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
5007d44e-09d1-49b7-8c99-6b1cc38c3cbc
consumer.krxd.net/consent/get/ 		220 B
307 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/5007d44e-09d1-49b7-8c99-6b1cc38c3cbc?idt=device&dt=kxcookie&callback=Krux.ns.globo.kxjsonp_consent_get_2
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.f5d7048d3841bccb4f5d92333c20b066
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2712725740a6e8dd1a2101fcac2c125fda437e802060bd56db867cac98b3e0d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:27 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a006-dub-prod.krxd.net, cache-hhn4083-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1649901088.863569,VS0,VE28
content-length
184
x-cache-hits
0, 0
wl
t.pubmatic.com/ Frame 3449 		17 B
98 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=157163
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:27 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_quem.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:28 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Apr 2022 01:51:28 GMT
generate_204
tpc.googlesyndication.com/ Frame 4B95 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?JxGGhg
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pixel.gif
beacon.krxd.net/ 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=J2lZajxx&_kpid=5007d44e-09d1-49b7-8c99-6b1cc38c3cbc&_kcp_s=Barra&_kcp_d=revistaquem.globo.com&_knifr=23&_kua_kx_tz=0&geo_country=de&geo_region=th&geo_dma=276008&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_tech_browser=Chrome%2010&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=de&_kua_kx_geo_region=th&_kua_kx_geo_dma=276008&_kpa_meta_keywordsDELIM=%2C&_kpa_kx_context_terms=Nu7TTdqe%3A1%2CNu7TTsC3%3A1%2CNu7TT62z%3A1%2CNu7TUrCU%3A2%2CNu7TUPlV%3A1%2CNu7TXc5X%3A1&t_navigation_type=0&t_dns=0&t_tcp=475&t_http_request=-1&t_http_response=232&t_content_ready=3362&t_window_load=0&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=xbmbutg04&userdata_user=OxuwUuDm%2Cxbmbutg04&sview=2&kplt1=19929&kplt2=19930&kplt3=19936&kplt4=27202&kplt5=30153&kplt6=32767&kplt7=35254&kplt8=41931&kplt10=43632&kplt11=43900&kplt19=45407&kplt20=46183&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2F5007d44e-09d1-49b7-8c99-6b1cc38c3cbc%2C235%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C32%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C32
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:28 GMT
cache-control
private, no-cache, no-store
x-request-time
D=129 t=1649901088
x-served-by
beacon-n007-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmIzNGNiMjQxN2QyNWFjYjcyNDRkOTM1YzI1NDk4YjU=&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmIzNGNiMjQxN2QyNWFjYjcyNDRkOTM1YzI1NDk4YjU=&gdpr=0&gdpr_consent=
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:28 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZmIzNGNiMjQxN2QyNWFjYjcyNDRkOTM1YzI1NDk4YjU=&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1649901087563048-593
Expires
Thu, 14 Apr 2022 01:51:28 GMT
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=fb34cb2417d25acb7244d935c25498b5&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=fb34cb2417d25acb7244d935c25498b5&ex=freewheel.tv&gdpr=0&gdpr_consent=
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:28 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
9MPV3W11M26GC06X5X2F
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:28 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=fb34cb2417d25acb7244d935c25498b5&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1649901087185081-533
Expires
Thu, 14 Apr 2022 01:51:28 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 5BE7 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=92573707&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f1b16a7311e10fef04597e3b135b410b9d8487a7c203e74cd32e2e307f71036c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:26 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 34D7 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,&us_privacy=&cb=1649901089209&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Frevistaquem.globo.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Frevistaquem.globo.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-4-14%201:51:29&ranreq=0.06926596431822585&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:28 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:28 GMT
content-encoding
gzip
last-modified
Tue, 05 Apr 2022 12:58:03 GMT
server
nginx
etag
W/"624c3cdb-17cf9"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 15 Apr 2022 01:51:28 GMT
match
c1.adform.net/serving/cookie/ Frame F629
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 14 Apr 2022 01:51:28 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 14 Apr 2022 01:51:28 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 4A11
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:18576257-7e1d-4600-b186-4b87cea796dd&gdpr=0&gdpr_consent=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame 1878
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1930816772207440750
42 B
366 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1930816772207440750
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Apr 2022 01:51:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
lhrpug007:0:443

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1930816772207440750
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 7B75
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5BE7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=IzvFZxzWQtSthbs_7qs_NA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:28 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=157231
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Fri, 15 Apr 2022 21:31:59 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 5BE7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=18576257-7e1d-4600-b186-4b87cea796dd
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=18576257-7e1d-4600-b186-4b87cea796dd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 14 Apr 2022 01:51:28 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x26 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=18576257-7e1d-4600-b186-4b87cea796dd
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 14 Apr 2022 01:51:27 GMT
mw
mwzeom.zeotap.com/ Frame 5BE7
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=f05f460c-7c71-4add-85b4-6d93ed1e951a&icm
  • https://spl.zeotap.com/?zdid=1332&zcluid=0a9d84ad0678b7d0
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7106cd9a-55e4-49e9-658d-7d6185393dbc&reqId=e038743a-c865-4fd9-5b41-0b740e364cf2&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEHQjcpmneLwRTp4Zub-tNs0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7106cd9a-55e4-49e9-658d-7d6185393dbc&reqId=e038743a-c865-4fd9-5b41-0b7...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEHQjcpmneLwRTp4Zub-tNs0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7106cd9a-55e4-49e9-658d-7d6185393dbc&reqId=e038743a-c865-4fd9-5b41-0b740e364cf2&zcluid=0a9d84ad0678b7d0&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6fb8cbeb18255a3d-MXP
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEHQjcpmneLwRTp4Zub-tNs0&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=7106cd9a-55e4-49e9-658d-7d6185393dbc&reqId=e038743a-c865-4fd9-5b41-0b740e364cf2&zcluid=0a9d84ad0678b7d0&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5BE7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjMzQkM1NjctMUNENi00MkQ0LUFEODUtQkIzRkVFQUIzRjM0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:402
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5BE7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECdud4czLbAMfH9PpG3WhCc&google_cver=1
42 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECdud4czLbAMfH9PpG3WhCc&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:638
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECdud4czLbAMfH9PpG3WhCc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 5BE7 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:28 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 13 Apr 2022 01:51:28 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 5BE7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5532520119658720114
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5BE7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f05f460c-7c71-4add-85b4-6d93ed1e951a
0
0
Pug
image2.pubmatic.com/AdServer/ Frame 5BE7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7704152931637928568&gdpr=0&gdpr_consent=
42 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7704152931637928568&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:340
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:28 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d43b997c-80a2-4d9e-9889-be9099d3deb4
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7704152931637928568&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5BE7
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gDwnwIFrIMebOnbEgWo_ltc-dsabOifAhDlvimPL
42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gDwnwIFrIMebOnbEgWo_ltc-dsabOifAhDlvimPL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:28 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:437
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gDwnwIFrIMebOnbEgWo_ltc-dsabOifAhDlvimPL
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AC7B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022040701&jk=2931402720407680&bg=!xsWlxYHNAAZvJBiFTyQ7ACkAdvg8WgTK_x4gk7n6Uz0GcC2gFuFcxU9uw7iq3wUBX5t4guLU9G2VeAIAAAN9UgAAAAJoAQcKAGta_esOWOLEDufKKJbBioyIG3tK_YjAblMjE3BF5DBYAtDOORI7s4OoCTFN8_ebTGr7XPQmqh0hUlIhSUtVcbaGPgfPrUvPbfcWhuZctyT5ZWDz8ULcyivqUBGrOVQjiYSgPIxCWn6bcsM1upkCyIjIv8GrNUYNGUw1RMRztzt3y9p0Hz2P5Ojma2qiJgs-Ye4-uuc4oN16aJcv4g3TyRTIK-TXjWqBM9WoHfoxquKoILG4r1WWc_pe0vwFjKZ__nGqUzVGU_kIboajJJr_fCns7elESpL-gLLGq_i4DxdKCXfxbWnD0L1BBVe-kPGf70sUcIYrf4EphVSrphvW8w517vRr4OezV7XgR4AJ7e0PFJ_tv5gQCZL6-8g3lZNZcV6Z6PdhQwKG-nmb6VBGhxf0qckTI68jLELwuKuDcYByTvk8NgF2cc9B0BEhv72ZrwcbJjiMboshtMhdsy_0QXAJzmwApm3ZuoYfHE2ci-S5C1PT_x1QCxAqEpLURej3DMdAJZj8suV2duLJe68d6bCdBcp1J6TDUEXmxS7GdvOMlKhpAbORWQa_iYbvwE-_plip6EOqdGOxMBG0ZycbjBYCsX8d3mNfLPNNbWjfvjUifyMmZ-54P1p3VnQ6RwA0WDwSf1cvPY8mF9hcMo-19-WtnMSa5a5MZEm-ekYKko76xS8rcfcE4eg3jKm6eUMMLStDn6qlN_7aj2nJU49QgKpyiOVT0CG2KwsAABdMnIwC1u6Y1Rewi6rUXMvXmB7GCr3wDxJMNo0FjdAw3ZJNWlhNkcwhfSoLzJqE9BVw2oHW8vyrKfmeezHp5Mh016k7XNTRR5TsCqvdWQENDeur3eCqSQu0tsyvTwuWcUZchtduL0qsyAWIlWYA5JphD859SdAfvlp9sYP8QeBVuJ1pqOl93Yr0QWsgirq39dLR_KCRBOXpQp6mUFXDD82R5dUEbTaNTrXh5LdVkmKNtJ1qSqA_2ibjgqiA00v04I7UM77T3SsbJ_pVdtrALBqNENDbjBVaJl1frlQT4cXnQiuYwUA_qMH6xNly8F1iKwt1RRjY0w3V8eqrica0YRyqJygvv62kTgL9Q2g
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 37CB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022041201&jk=4190216539386806&bg=!_P-l_7vNAAZvJBiFTyQ7ACkAdvg8WtdieltTt1jsg7sxy3fI72fFdZdbAPGh2b7sfCemeL44rrrEIQIAAAPzUgAAABpoAQcKAFg1kAgtigHk0bZDSMdV_Pm8VpW5sba1DlzwdeWRWJBtc_DXYvL6K_du0snlzABS4GcWTmEuM3zrQCaHOYl3EyBMwwp2pBWiuNQXH4eDjuc-QPnkIZoVajwymQLJ4hefYu41Ykfe8cGSZz61PkM9kmF-CM4QHyul-EBAtKNu1G2QMu-X8fMtxeZoWnZaG42Th4BoXbZW6-1sASNK78MAweXSQwSBVNP__yyl82BqmKJeuOfPV7BrXG2QUpVE3IicWKlSUzKi91gGGvG3a4zaXIKy9fjI5R1Gm0yg-cWCkkiiGhF1EYAGezDsBVw7_IAK-PhnYEVS7NAnJcYxwAaTdiqsYVa5QOnX2lZhM8di1QRhNRIuBJRGHRJwVnj11STY2daSoLzEphfMlV9TcUhfKBw6rlCH2yRBJxVlGUNdPp_g1ZNTT3n_a02DQ4lML-I_rGEPXeCiNwX7A5_AXLkOoWyy-a9bk5VoIIx0RexqvhqufgjdQ8brmI9sGBK47PW-khPLIvyKOtvaiTi_k9eFspNsboNsdLO2Ov8h6ZqHZ2NSQMvo2RBrPfgSUhJOQsg0ITTG9vCuU9ruWnmRrWpOspZ5GjfCMrEB1_zae9CU8UOOSvb4q4M2QIrtvWExqJak9Bi0V1mS_IV44mIHw4RnDEkDl2BSH__bRcnt_0av3s6sizZVoLoPL9-GTxcXVQ64g0MLrj6sYgCuYT0rXhVKuinogLXj1zalpqR2ZVivALurji4swii003jateriBVUELFynH4DHlMc_z5eGn9mKUe8cr3AamcE_yH8Y82cEs9J3fiX8O5XwziGZq23earFLYpIDqm7DmXcQXiXEMvtMhp4UFx0DlajkvzK7EgwNw2XyDdTeNqheUaZgbneZ_IuXL3ZbBEP6dR6Trv2dvMwnq8dtcjIJQgR7dBvy26LVuq3SndOtMrvzsAAydcH0tSiP_r3U0Nced389YQEwQZHgFN7ANhVSCezxVpHeP218PsJgwp2nTimJSlOvOJeTX3vMJ3cKVT-YbtZgNbGePHFnWvC1BSYsnaqtgokvWmD1hYdjFm1MAqU
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3449 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022041201&jk=2499927362386776&bg=!bG-lbyvNAAZvJBiFTyQ7ACkAdvg8WsX4EYfdbmYkFwD9abVLTsVEV1G5v68QycJErYr80pt3HdelbQIAAAM0UgAAAAJoAQcKADTDHVXmwUHJ6dpnBtRV7bZH-c_5fZ8GVqyreHgJDu1eMInEMuS3YBAzqvirEGx7mNBqw45gmQLQa-iHIkWT45-q0bI9XCe0FAUouM1mHGbXDoubfO7VlJ32kQXGJFsm2HEO5x7SxkP7rguRSrw7LXy3TvSg-lSffRWiFh3F-FQTfmGyTodmYrYBPg5iJE39x_OVuIk8V4JtYke3cn9kZ69gEu_OF49DpEPIHKD6Qm-rbchNQ06NCvX_4DJCLevItpv_8uCFPeMUc9ViRAXAG7tuTSH1Z_6mHlfGULz6FN-knG1y74mxW6XKWm8DhQrKhUIyoQQhHAIKboovnODynbf8kzwBsZxQGa-fJ_vRiw8DJ9Xct21FT4VgHq7bR7m-JzICa6plCZGOg03iyfIynchBt0vK-aCeqsRXz9n0XetKyXSYcjXQLE5M0JRlG94MAixXVFy84zeasBj8wN_ROJzvoQFk6pOd7SplRMJAip6um7VuU-2xxiCcEgj3g6OCZsuIFacG2ZdQxeVdCWMPbReGulYHNaToF3JsKR34j-IWK9q3NamtMor68PAaM2h7V_EUdjinkpJC9cEuDWlyNoCdMRSZeAzE_22E3YWemsHw3OkQu3JFYsJeYiUX-QIth-F1xLLQt5LOxTA_72yprmbRVEdVdZodsFGQrKC2O2r_Id-W7znuTVJJK55mT1WCeDrpUmkiZJ1pWuKm2XiWrfw9NO8rvYVuw3F9OI_KDaVvGqOJnFkt0cWLwvtpLTv8Hdczhec1i2nSZC7_gndgUoBFFiIsQA1vLms5_dOvZYXFe0zt7M508xQiVAIEAN21i3k_k7lCT_UQihP_MX7LCbO5_emrbRsvsZcegHSp35tGK0r12JyQyzMJC-nJ2XYD2eWPqNmzAfc5BT9hVCIqVnbcbSnQF-k0KDW9MA_Vk5KEY_mh9DBJazolpZ9GNkNMKnEGgNN9ZkQLVBH4MRYiuVUKwns6j6YP7uKiw89lN-zYmRevP9QPnddJEXVq6GIlagnNXPDTx6aD
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 48F2 		985 B
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ffa1afd43c13d8b14b50083057bc01885849449e727567ae7f8863bf977ae3ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:28 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23df-5d77a515ac2dc"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://revistaquem.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
608
expires
Thu, 14 Apr 2022 01:51:28 GMT
track
aktrack.pubmatic.com/ Frame 48F2 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1649901087&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:28 GMT
content-length
0
content-type
text/html
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 1423 		154 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
40aaf0eb0de13818be02702077190a882dac4618d58d16646ad8a056423b788c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:28 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 09:04:51 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-266bf-5dc715a7e7371"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36738
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7281 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=81767
content-encoding
gzip
content-length
13941
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:28 GMT
etag
"1302647-96a7-5da3b2ade946f"
expires
Fri, 15 Apr 2022 00:34:15 GMT
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1423 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:28 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96a7-5da3b2ade946f"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=81767
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13941
expires
Fri, 15 Apr 2022 00:34:15 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 7281 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=24025270&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4f1fb7dc346c7efaaeeb56100702c0e2e47046d21d8b6475f8f99540595b20d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:28 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame ADE5
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7086271214606547085
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 01DF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yld_IAABzu1TdQAZ&gdpr=0&gdpr_consent=&_test=Yld_IAABzu1TdQAZ
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 38EF
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame D7C6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pQHog5hZRXJyywhxFGiggdlAl0Q
0
0
Artemis
aud.pubmatic.com/AdServer/ Frame 7281
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34&addseg=19,36,42
0
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 7281
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:28 GMT
frontend-id
12
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:28 GMT
frontend-id
12
location
/pubmatic/1/info2?sType=sync&sExtCookieId=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 7281 		95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:28 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6fb8cbeca9845a3d-MXP
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 7281
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Server
3.208.213.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-208-213-85.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:29 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 14 Apr 2022 01:51:29 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
233BC567-1CD6-42D4-AD85-BB3FEEAB3F34
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7281 		43 B
995 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/233BC567-1CD6-42D4-AD85-BB3FEEAB3F34?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:8032:ea84:336c:262b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:28 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 7281
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0oCT3bxE2uX.HjC2tNPdWKQMokyMH.Q-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0oCT3bxE2uX.HjC2tNPdWKQMokyMH.Q-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0oCT3bxE2uX.HjC2tNPdWKQMokyMH.Q-~A&gdpr=0&gdpr_consent=
date
Thu, 14 Apr 2022 01:51:28 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 7281
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://px.adhigh.net/p/cm/bsw?u=ae2436b0-25be-4e8b-b9da-ccf85b963cc3&bidswitch_ssp_id=pubmatic
  • https://px.adhigh.net/p/cm/bsw?u=ae2436b0-25be-4e8b-b9da-ccf85b963cc3&bidswitch_ssp_id=pubmatic&bounced=1
  • https://x.bidswitch.net/sync?dsp_id=9&user_id=ummzOeRHQ8b.AikABlGAJcSwgQ&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ae2436b0-25be-4e8b-b9da-ccf85b963cc3&gdpr=&gdpr_consent=&gdpr_pd=
0
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 7281 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:28 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7281
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7896357961865025998&gdpr=0&gdpr_consent=&us_privacy=
0
0
pubmaticmatch
match.adsby.bidtheatre.com/ Frame 7281 		0
0
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 1423 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,&us_privacy=&cb=1649901090180&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Frevistaquem.globo.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Frevistaquem.globo.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-4-14%201:51:30&ranreq=0.40102407085559877&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:29 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
i
vid-io-cle.springserve.com/vd/ Frame 48F2 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=0a766b9d&ps_id=487310&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.212.22 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-212-22.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:29 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
track
aktrack.pubmatic.com/ Frame 48F2 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1649901088&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by
Host: revistaquem.globo.com
URL: https://revistaquem.globo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:29 GMT
content-length
0
content-type
text/html
OneSignalSDKWorker.js
revistaquem.globo.com/ Frame 		0
0
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022040701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41e351d3e1b97fdcff651bfbdf9d875f3204af0643c5bfe02f1534f28e9468d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 14 Apr 2022 01:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10484
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 1F9D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=revistaquem.globo.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
08f727d493d0590199568403e67b29c88db5b674e90532f49d013e6e233224fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
5134
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 01:51:29 GMT
server-processing-duration-in-ticks
3285
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022040701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 14 Apr 2022 01:51:29 GMT
sid
mug.criteo.com/ Frame 1F9D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=globo.com&sn=ChromeSyncframe&so=3&topUrl=revistaquem.globo.com&bundle=g2eEA19CSU8zZElGOXlaRXkzSWFOR25XajFmZzA4RzlnRThpMWZEaFdsMjdZZ0RaT1V2...
  • https://mug.criteo.com/sid?cpp=6mogNnxhMWlXRk0yZVMyMmxTWk8yV1RRL242bGdZNUNQWlBsOFZNSlhsZHllQjRyMXR1N0ZlZDhwbmRWK0NtUy9ZWmlFdjZsanRPVTBVbGhSRHN3azFvRFk3c3oxYnJ6WFRrbnJnZ3Q1NlllU2tnSU95aHFFbnE5UUErNE...
430 B
632 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=6mogNnxhMWlXRk0yZVMyMmxTWk8yV1RRL242bGdZNUNQWlBsOFZNSlhsZHllQjRyMXR1N0ZlZDhwbmRWK0NtUy9ZWmlFdjZsanRPVTBVbGhSRHN3azFvRFk3c3oxYnJ6WFRrbnJnZ3Q1NlllU2tnSU95aHFFbnE5UUErNEFhYUFEcFk4WWxUVHB1bXAxeHBQdjFuZ09PdmNnWnhxZ1lNaFloM3p1NWVNOVlNTmkyTHRKcCtVQWZqVVJ5R3NhekRjQjBlMXdrR0xOL0t1bkNLa2VNbmxoR2ZiWi9RcDNYb293T1hoM040TjNaSVVqck5uR2UvS2ZuSTg3QzRuTllBajhWdmFtM0t6Wmo0aEp1eHh5bDFRU0F4QlNuZz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
2649e62d7d4564299581ce0f4f0dd3939e254880313846a257b042fbdae07aca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:29 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5013
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:28 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=6mogNnxhMWlXRk0yZVMyMmxTWk8yV1RRL242bGdZNUNQWlBsOFZNSlhsZHllQjRyMXR1N0ZlZDhwbmRWK0NtUy9ZWmlFdjZsanRPVTBVbGhSRHN3azFvRFk3c3oxYnJ6WFRrbnJnZ3Q1NlllU2tnSU95aHFFbnE5UUErNEFhYUFEcFk4WWxUVHB1bXAxeHBQdjFuZ09PdmNnWnhxZ1lNaFloM3p1NWVNOVlNTmkyTHRKcCtVQWZqVVJ5R3NhekRjQjBlMXdrR0xOL0t1bkNLa2VNbmxoR2ZiWi9RcDNYb293T1hoM040TjNaSVVqck5uR2UvS2ZuSTg3QzRuTllBajhWdmFtM0t6Wmo0aEp1eHh5bDFRU0F4QlNuZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1777
content-length
541
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7B05 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
35814
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Apr 2022 15:54:35 GMT
expires
Thu, 13 Apr 2023 15:54:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9D63 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0781f59d87b5ab5ff9035d621c6b513f69bbfd69a350f13d26fc46dbf137048c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-okeM7ts6GIHVAr0nV49vLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-okeM7ts6GIHVAr0nV49vLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 01:51:29 GMT
expires
Thu, 14 Apr 2022 01:51:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
pagead2.googlesyndication.com/bg/ Frame 7B05 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 13 Apr 2022 01:46:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
86670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13643
x-xss-protection
0
last-modified
Mon, 11 Apr 2022 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Apr 2023 01:46:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9D63 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022040701&jk=1762467406505537&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 7B05 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?_Jec-A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
truncated
/ Frame 93B7 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_a98f4fbf.js
vpaid.springserve.com/production/ Frame EA21 		501 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:aa00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8323dcd0d6c7d37f497b52f8a3fe466c47557e24a4a2298fd6dfe45d95e1131

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:20:35 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 14:13:06 GMT
server
AmazonS3
age
473455
etag
W/"6b701f638e0fd2494eaafda977ef4c92"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
zxrZLzYlXTesv9Yv7mt0GM8QrEfJA6PzLTbdBeiYRZw6Ie7gwW4w4g==
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8B4C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_quem.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 14 Apr 2022 01:51:29 GMT
ETag
"623de86a-cf34"
Expires
Fri, 15 Apr 2022 01:51:31 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6D05 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_quem.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 14 Apr 2022 01:51:29 GMT
ETag
"623de86a-cf34"
Expires
Fri, 15 Apr 2022 01:51:31 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 781F 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_quem.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Apr 2022 01:51:29 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
track
aktrack.pubmatic.com/ Frame 48F2 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1649901087&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:29 GMT
content-length
0
content-type
text/html
usync.js
eus.rubiconproject.com/ Frame 781F 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
92db40d16cb8ca6e243d000bc0a2f249aeb503b3109c6ea0d5892f531204c078

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42070
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9542
Expires
Thu, 14 Apr 2022 13:32:39 GMT
t
t.lkqd.net/ Frame ED86 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:29 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://revistaquem.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://revistaquem.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:29 GMT
server
nginx
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame EA21 		985 B
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
33e63ed9f45c708cdca8ca112a1fbbaa8c3a46a9363693f302b7c978a8950bad

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:29 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23df-5d77a515ac2dc"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://revistaquem.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
607
expires
Thu, 14 Apr 2022 01:51:29 GMT
prebid
ib.adnxs.com/ut/v3/ Frame EA21 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ce8eeed627b6b2d98ce7c754c2cc4435152c9bd6d6b17ac2e1f1ae7036ab43ad
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:29 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ddcbba85-b0de-4c3d-8b93-d5a20fecf001
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8B4C 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:29 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2eb09af4-2d90-4381-8a88-8c62ec07b73d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6D05 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:29 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
18050f9a-e8dd-474e-a9bb-6cc2169b364e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 930F 		154 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
40aaf0eb0de13818be02702077190a882dac4618d58d16646ad8a056423b788c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:29 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 09:04:51 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-266bf-5dc715a7e7371"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36738
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4D5D 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=81766
content-encoding
gzip
content-length
13941
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:29 GMT
etag
"1302647-96a7-5da3b2ade946f"
expires
Fri, 15 Apr 2022 00:34:15 GMT
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 930F 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:29 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96a7-5da3b2ade946f"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=81766
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13941
expires
Fri, 15 Apr 2022 00:34:15 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 4D5D 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=70823043&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
28c21e154d55d88ba8a078c17cb30a7e30ad3835a47500905caa44c85062669c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1664
content-type
text/html; charset=UTF-8
redir
rtb-csync.smartadserver.com/ Frame 0042
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHRjgwN0VydndBQURZendGSEo2QQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAGF807ErvwAADYzwFHJ6A&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAGF807ErvwAADYzwFHJ6A&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGF807ErvwAADYzwFHJ6A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGF807ErvwAADYzwFHJ6A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Thu, 14 Apr 2022 01:51:29 GMT
transfer-encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Thu, 14 Apr 2022 01:51:30 GMT
Server
nginx
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAGF807ErvwAADYzwFHJ6A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
strict-transport-security
max-age=2592000; includeSubDomains
pub
matching.truffle.bid/sync/ Frame 9BFA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 14 Apr 2022 01:51:29 GMT
Server
nginx/1.21.3
Strict-Transport-Security
max-age=15768000
i.match
s.tribalfusion.com/z/ Frame 3A5A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
6fb8cbf55813375c-MXP
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 14 Apr 2022 01:51:30 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
6fb8cbf40f44375c-MXP
content-type
text/html
date
Thu, 14 Apr 2022 01:51:30 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
13157
cookiesync
core.iprom.net/ Frame 52EA 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 14 Apr 2022 01:51:29 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-ffd3e94715d0@version_1.413
X-core-time
0ms
X-server-arch
v2
bridge
cm.adgrx.com/ Frame 9AEB 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 14 Apr 2022 01:51:29 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
ams-delivery-4
server
Cowboy
Pug
image2.pubmatic.com/AdServer/ Frame BF2D
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=0a9d84ad0678b7d0/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JagRQSWgQaUTShTQa
42 B
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JagRQSWgQaUTShTQa
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Apr 2022 01:51:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
lhrpug003:0:529

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=39puKE4JagRQSWgQaUTShTQa
Pug
simage2.pubmatic.com/AdServer/ Frame 7CED
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1649901089860
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
42 B
212 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.120 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Apr 2022 01:51:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
10:0:549

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 14 Apr 2022 01:51:29 GMT
etag
OPTOUT
expires
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
pragma
no-cache
server
Tengine
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame E279
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=468d1dc8-8053-416c-81ba-ff2b168f0973-tuct95103a1&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
77 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=468d1dc8-8053-416c-81ba-ff2b168f0973-tuct95103a1&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Thu, 14 Apr 2022 01:51:29 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4070-HHN
x-timer
S1649901090.855426,VS0,VE16

Redirect headers

accept-ranges
bytes
content-length
0
date
Thu, 14 Apr 2022 01:51:29 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=468d1dc8-8053-416c-81ba-ff2b168f0973-tuct95103a1&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4039-HHN
x-timer
S1649901090.832202,VS0,VE15
x-vcl-time-ms
15
ids
idsync.frontend.weborama.fr/ Frame 4D5D
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1348774060
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34
0
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
244.81.201.35.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:29 GMT
via
1.1 google
last-modified
Thu, 14 Apr 2022 01:51:29 GMT
server
nginx/1.18.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34
date
Thu, 14 Apr 2022 01:51:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
qmap
sync.crwdcntrl.net/ Frame 4D5D
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34&gdpr=0&gdpr_consent=&ct=y
49 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
52.30.14.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-14-23.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:29 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
expires
0
cache-control
no-cache
x-server
10.45.25.249
content-type
image/gif
content-length
49
x-consent
absent

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:29 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.7.141
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4D5D
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7704152931637928568
42 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7704152931637928568
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
204.237.133.120 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:29 GMT
cache-control
no-store, no-cache, private
x-lat
10:0:394
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:29 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
95a7ada4-799f-4389-ae69-8ab9a037b512
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7704152931637928568
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 4D5D 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:29 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022040701&jk=1762467406505537&bg=!REelRwPNAAZvJBiFTyQ7ACkAdvg8Wte-LmO3VC9JEeTritQxdqIvgeqvspHy9v2FLP20Jmn6QBj7hgIAAABtUgAAAAJoAQcKAOGhBX7n7H9sJ6vZcah4VvqJve_R_gBL8nXRz-ahn7jPBC7S-k4xtOmzVOvocOs2V6CegzVFN_33AhhTVCtbdR6ZITPNO3nqJYhnXw3YdMoTs8y2bF2Tq4r0Yqg_IXLspcFWaaxmir2T-p5EnUG1ZRnUJHa7JNOZ0dD9Ho22VpMUcv4OY7ne3Y0O78Li76FIg_eD94LNJztmYTK3084YbEKXQ0T3sln-OAKfYC437OH5lXf1FUQZ9w9Y1JCeDTknFxnI24L8yRTgQOCjyTAhAVakK42laY7ve_FwaHUaVCkaB4yZAq8AUI0juAbKcRAay_DpUKvzpMd6E-k5r1ZY5nmrA7GUUYnL9o86-C5BOJr8rBCuGhTC9AUHhKQkxcXamFJfv5yTBoqulhZZAqeXeSRDnha2AAvZ-JvITjHpIjvnabF1maNvsSvOR21_NBJg9uyN1WjfxC7OoxuNt6cui58TYM_M4NH9YIbJLVlYRLMiq7ZqOsGSuy9PS4PBrt5lW3W2aSyMDRyMHWi_4OX3P4_U95ryPg0QjUQYFTjiMLD_klQw-882UHwck7UjudeP3Itjfr6De2XfZcc5zSXRrBJBU0C8IlqY5fl01hbk_CNQZZpnd3wiiuBxVHgLps4A4NaBWP157tkoDuOYkMFM-0wTc2xKVEU0lydXT3akZreRDX8N-_6e9VRASWJAdEL5USA0XHejumGmlctPaErIg9IIthh9mTqK4MsX5vM46m9WbK9gF3qlDLfKBKBVjXV0aejBpazqmehH9Dl9EuGBompCZd8ZLY_32svwVr6mDuKYmUacpT8xNnJh6IJWBnLwXVk2t8nlrzV3_-gY11iiXuQ8k06W8qbWnVE3c-QZFNzrgEny58jGbAtHw__DZaU41AYc0u5tB0mXWa6x7gdO8SFcWrNKvhBuLCwp-dZgUj8BtfvvhDhxDnlBSYqlJNFdWueeYkv2pPk96ecRM7W9di2oEhuhfQAi2Tg3_TVI6qoMBmZ_cvOghjtImbiJ6DqhHNZC_wy_xet5zZ4NARTOXyieesamqlNVMEO6kvHLIxyRETjj4MDgYIqdqCmdsmC3hE5Td0xbUqlCKb1Cyj_r0u2rwX9HXybnh1d0Fs_VEJNEupareiFItZvPixiJjo87ZmOemc8btf0FodYH6TykpdKhvO9IBUjIlnIJLERO2-tzfLKAYrSEjXqAq195JwqVf7CM2cs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 930F 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,&us_privacy=&cb=1649901091271&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Frevistaquem.globo.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Frevistaquem.globo.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-4-14%201:51:31&ranreq=0.26186037732533674&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:30 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame EA21 		985 B
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e491d24944a1cbd73924dbbf48cae3a4b82ff0b84f84c75111e64f1369d8d2cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:30 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23df-5d77a515ac2dc"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://revistaquem.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
608
expires
Thu, 14 Apr 2022 01:51:30 GMT
track
aktrack.pubmatic.com/ Frame EA21 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1649901089&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:30 GMT
content-length
0
content-type
text/html
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame B3F2 		154 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
40aaf0eb0de13818be02702077190a882dac4618d58d16646ad8a056423b788c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:30 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 09:04:51 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-266bf-5dc715a7e7371"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36738
showad.js
ads.pubmatic.com/AdServer/js/ Frame F24B 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=81765
content-encoding
gzip
content-length
13941
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:30 GMT
etag
"1302647-96a7-5da3b2ade946f"
expires
Fri, 15 Apr 2022 00:34:15 GMT
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame B3F2 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:30 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96a7-5da3b2ade946f"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=81765
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13941
expires
Fri, 15 Apr 2022 00:34:15 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame F24B 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=42852807&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7e7b13348f7633fcb88924e671b71ad10d7c1fa5498473dafb62ad56eb442096

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1408
content-type
text/html; charset=UTF-8
cm
docker.creative-serving.com/ Frame 72BF 		0
0
141
match.deepintent.com/usersync/ Frame 749F 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Thu, 14 Apr 2022 01:51:29 GMT
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame E2F6
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:N1yNz4lE1NEODS5&gdpr=0&gdpr_consent=
42 B
212 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:N1yNz4lE1NEODS5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.120 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 14 Apr 2022 01:51:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
sv3pug013:0:537

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 14 Apr 2022 01:51:29 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:N1yNz4lE1NEODS5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0ae965e2f8a6b4310@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
usersync
match.bnmla.com/ Frame 0F5A
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://match.bnmla.com/usersync?dspid=6&uuid=A3BDC2EA93AF4364963906C238B29D73
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2425
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A3BDC2EA93AF4364963906C238B29D73
1 B
69 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A3BDC2EA93AF4364963906C238B29D73
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.120 West Chester, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Thu, 14 Apr 2022 01:51:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
x-lat
sv3pug010:0:1405

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
138
content-type
text/html
date
Thu, 14 Apr 2022 01:51:30 GMT
expires
Wed, 13 Apr 2022 01:51:30 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:A3BDC2EA93AF4364963906C238B29D73
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
d1ba4609
rtb.gumgum.com/getuid/ Frame F24B 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.76.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-76-8.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:30 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame F24B 		0
0
async_usersync
ib.adnxs.com/ Frame 8B4C 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:30 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9a3bad7a-4a9d-49a0-8f83-6151b81aed34
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6D05 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:30 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e3456c73-8c0b-4bc7-bc04-bb6cefea6942
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame B3F2 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,&us_privacy=&cb=1649901091938&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Frevistaquem.globo.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Frevistaquem.globo.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-4-14%201:51:32&ranreq=0.36084272032218&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:31 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
i
vid-io-cle.springserve.com/vd/ Frame EA21 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=a86162ba&ps_id=356921&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.212.22 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-212-22.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:31 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
track
aktrack.pubmatic.com/ Frame EA21 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1649901090&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:31 GMT
content-length
0
content-type
text/html
vpaid_a98f4fbf.js
vpaid.springserve.com/production/ Frame 827C 		501 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:aa00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8323dcd0d6c7d37f497b52f8a3fe466c47557e24a4a2298fd6dfe45d95e1131

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:20:35 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 14:13:06 GMT
server
AmazonS3
age
473457
etag
W/"6b701f638e0fd2494eaafda977ef4c92"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
Kl6o5x8HEPVkyKsLowFPgQKqlfWj_vyiGFOiFTJIL1hxqEEUrBIWOA==
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 827C 		985 B
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ca6f34c643bf09ae06fb8a1d1f0b7d7d3e8c6f83b3dd4958598e1b85b98ee0ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:31 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23df-5d77a515ac2dc"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://revistaquem.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
608
expires
Thu, 14 Apr 2022 01:51:31 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 827C 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ee1e36a738d18041169fee02c16797ac2d61ac9e6499128e6d4b5226fa8e67ed
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:31 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
93e1f994-7a03-4521-9dfe-922a285df44a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 1FA2 		154 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
40aaf0eb0de13818be02702077190a882dac4618d58d16646ad8a056423b788c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:31 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 09:04:51 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-266bf-5dc715a7e7371"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36738
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6DD1 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=81764
content-encoding
gzip
content-length
13941
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:31 GMT
etag
"1302647-96a7-5da3b2ade946f"
expires
Fri, 15 Apr 2022 00:34:15 GMT
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1FA2 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:31 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96a7-5da3b2ade946f"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=81764
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13941
expires
Fri, 15 Apr 2022 00:34:15 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 6DD1 		47 B
167 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=70911294&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
47
content-type
text/html; charset=UTF-8
t
t.lkqd.net/ Frame ED86 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:31 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://revistaquem.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://revistaquem.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:31 GMT
server
nginx
OpportunityServlet
am-vid-events.taboola.com/ 		1 B
124 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_5_8/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:31 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 1FA2 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,&us_privacy=&cb=1649901092734&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Frevistaquem.globo.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Frevistaquem.globo.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-4-14%201:51:33&ranreq=0.3680000844584508&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:31 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 827C 		985 B
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ca6f34c643bf09ae06fb8a1d1f0b7d7d3e8c6f83b3dd4958598e1b85b98ee0ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:31 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23df-5d77a515ac2dc"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://revistaquem.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
608
expires
Thu, 14 Apr 2022 01:51:31 GMT
track
aktrack.pubmatic.com/ Frame 827C 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1649901091&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:31 GMT
content-length
0
content-type
text/html
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 7B4B 		154 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
40aaf0eb0de13818be02702077190a882dac4618d58d16646ad8a056423b788c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:31 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 09:04:51 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-266bf-5dc715a7e7371"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36738
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6463 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=81764
content-encoding
gzip
content-length
13941
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:31 GMT
etag
"1302647-96a7-5da3b2ade946f"
expires
Fri, 15 Apr 2022 00:34:15 GMT
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7B4B 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:31 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96a7-5da3b2ade946f"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=81764
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13941
expires
Fri, 15 Apr 2022 00:34:15 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 7B4B 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,&us_privacy=&cb=1649901093383&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Frevistaquem.globo.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Frevistaquem.globo.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-4-14%201:51:33&ranreq=0.12313067007260381&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901086019,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:32 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
i
vid-io-cle.springserve.com/vd/ Frame 827C 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=b8c7b00c&ps_id=357265&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.212.22 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-212-22.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:32 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
track
aktrack.pubmatic.com/ Frame 827C 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1649901091&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:32 GMT
content-length
0
content-type
text/html
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://revistaquem.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://revistaquem.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:32 GMT
server
nginx
t
t.lkqd.net/ Frame ED86 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:32 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
VideoBidRequestHandlerServlet
wf.taboola.com/ 		8 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=619&height=348&pubid=169497&tagid=953497&crid=6168135&noaop=3&sortOrderType=0&cb=1649901094335&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1388&pt=305934050&tz=0&viewable=true&ddast=V7aAgCFgOyIzBihP5VAQSyIzBihP5VAQUAAAAGBuIHGzhcMDa7FWkwWq6Wg91utBgtJ6PlYjPbDWEDhwvGZrciDUbL1XKw220Wy-FiNFqMZqMpZAjL7PcdhHy3y_DwuQyiouttsTucZs8bPNB0Onyue73kZXt6Tg_H6-W268x-i9-u8bv9cgAAAAB4APDyOIL4AQQAiAAAAACQAAAAAKAIqPi3ELgAAAAAwABIWIvRAIDiKBDLw-vyBwDAwwMIAIAABgmAQeZRCYCJYcMJAAAAAAAAAADL____f8xAvWaczID-9kUPwIMPwANRgXIRIwAAAIBsoEuio0mdUFlUAQAQpFsBXAEABACWEIdGhAEAAACIsYdG5--R5gqOLdDD4vebHXaN3-0yAAAAAAAAAACz_7N_NKGqKPa0oANXCrVfQACAtV9AAAC2cQMAeBOACzkPNJ0On-teL3nZnp7Tw_F6ue06s9_it2v8br_oAmB1CrEbzga7yWK3mB0AAADA3f___z8ee2h0_h5prqAeyM08nsHG5DDtZqaJw2JbbQwL48Q28Zgmw91y49we_k-pvPDl505fhrDMft9ByHe7DA-fyyAqut4Wu8Np9txvwhaj1WSyWQ5ny8VkMBwNR6P9DcRgMMCJGCyXk8lisluNVqPNcDeaDRYoEIMJUrRoMFmNRpPFZLgaTVaz5WK32yBFq1az0WYwXM0ms91uNRwMl6MRTthitJpMNsvhbLmYDIaj4Wg0RJiYTEyWlcey1q12i7VotrCslRvDbK0wToazyWI181gmbtHrY3quFoPNcuJFwYCNvQgu0onK5DT9LQ-f2W_xuyUv29NzejheL7dFLNGcLNKJ7LLvzTyewcbkMO1mponDYlttDAvjxDbxmCbD3XLj3DcmE5Nl5bGsdavdYi2aLSxr5cYwWyuMk-FssljNPJaJW_T6mJ6rxWCznPgbs9FyOVgMhqN9YzZaLgeLwXC07zCZnqnP2ej6m1MemeblOm4bNodB4TIYvT-JaTHtzg6i3-_otBmGyaLOKLx1j16DwnPwmCbKlFhn7cuExeRV4TgYFLFEcLpIJ0K_22URSyRPi3SiGk4Ws9Vu5PDNnIPJYjnxbQyj3WqyGQ02o4nLMRFLlKaLdKKXqP_YIIvdXDaaK1aLuWy4SgAAAAAAAAAAS5gzbwIAAABwGtBmMlqtlgsg8TepCwwCAAAAAACwe2oAW2KK9adf3PgxRpmcpr_l4TP7LX635GV7ek4Px-vltjKAhJso82bPBLFWq2UNAABAgA0AABDArZu3QNNKDg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=2524685&dpubid=432455&abtst=Noapp22_vB!adh5c-1_vA!eidc_vB!iiq8c_vC!iiqd1_vB!iiqd2_vB!iiqd5_vB!inc_video_vA!mtbw_vB!pblc_vE!spa2_vB!t45!t45!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Frevistaquem.globo.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.8.8/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
19efc3e5acf9c274b1634e7992767a7ced22ba153acdb67a85edd172292f1ac5

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 14 Apr 2022 01:51:32 GMT
content-encoding
gzip
access-control-allow-origin
https://revistaquem.globo.com
machineid
1439
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4039-HHN
pragma
no-cache
server
nginx
x-timer
S1649901093.838134,VS0,VE34
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://impr.taboola.com>; rel=preconnect,<https://ads.stickyadstv.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
CreativeDisplayer
impr.taboola.com/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://impr.taboola.com/CreativeDisplayer?adId=6602525&excid=22
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.8.8/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d6ad6c6b790e497ee9722a1fbf0f7a148305e1e4f055c129ce41bd2eb01aa1da

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 14 Apr 2022 01:51:32 GMT
via
1.1 varnish
server
nginx
x-timer
S1649901093.907495,VS0,VE16
x-served-by
cache-hhn4070-HHN
x-cache
MISS
access-control-allow-origin
https://revistaquem.globo.com
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=8225217&_fw_gdpr=1&schain=1.0,1!taboola.com,1212307,1,749036306&_fw_us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.8.8/OvaMediaPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:32 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1649901092561031-542
Expires
Thu, 14 Apr 2022 01:51:32 GMT
moatvideo.js
z.moatads.com/taboolajsvideo2446883476/ 		347 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/taboolajsvideo2446883476/moatvideo.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v13.8.8/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3bdaf6133ae7de97fb03c6261445580d9868ce51d260bda0bfe71024c03dd790

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:32 GMT
content-encoding
gzip
last-modified
Thu, 24 Mar 2022 16:09:27 GMT
server
AmazonS3
x-amz-request-id
C606BJQXXP8SWGBZ
etag
"25dd56c7fb272cda62b2fc58141098b3"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=34639
accept-ranges
bytes
content-length
114933
x-amz-id-2
4ekxBZol6bAW+Mib6Y5ckh6dIlFMBPJYgVREr4HAB04MQGBZegUgUh9pqwQEekdjeGrVTyvgKLM=
egscanogvjyevmep6k6m_DESKTOP.mp4
vidstat.taboola.com/uploadedVideos/232325/ 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/uploadedVideos/232325/egscanogvjyevmep6k6m_DESKTOP.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05fc25c3ad98f628b851875b9d1d369fc319b2aacdd7cb69a7cc1220cf762e6d

Request headers

Referer
https://revistaquem.globo.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 14 Apr 2022 01:51:32 GMT
via
1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront), 1.1 varnish
age
784956
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-3171523/3171524
x-amz-meta-md5-hash
51ce1fa36d6a928019f3ce1a9770b5f9
Content-Length
3171524
x-served-by
cache-hhn4039-HHN
last-modified
Mon, 07 Mar 2022 03:50:59 GMT
server
AmazonS3
x-timer
S1649901093.936188,VS0,VE0
etag
"51ce1fa36d6a928019f3ce1a9770b5f9"
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
rPcQKHEC5UPPOPtEKaU42tzotPwirSkfIZPWUucek_OF0OTOwWplFQ==
x-cache-hits
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TABOOLAJSVIDEO1&hp=1&wf=1&ra=2&pxm=7&vz=-&zp=0&sgs=2&vb=7&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1649901094482&de=7238338775&m=0&ar=9f397fe3151-clean&iw=2aaf67f&q=6&cb=0&ym=0&cu=1649901094482&ll=2&lm=0&ln=0&r=0&em=0&en=0&d=WIDGET_ITEM%3A203735%3A67132565%3Arevistaquem.globo.com&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Frevistaquem.globo.com%2F&id=1&ii=4&zMoatOrigSlicer1=%2F%2Fvidstat.taboola.com%2FuploadedVideos%2F232325%2Fegscanogvjyevmep6k6m_DESKTOP.mp4&zMoatOrigSlicer2=953497&zMoatDomain=globo.com&zMoatSubdomain=revistaquem.globo.com&gw=taboolajsvideo2446883476&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A3301%3A3301%3A9692%3A3362&jm=-1&fs=197724&na=7859364&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 14 Apr 2022 01:51:33 GMT
ad
v.lkqd.net/ Frame B799 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1135549&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Frevistaquem.globo.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=92957284&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.115 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
d4bad622f0b9836d5ef0297fa59e8a786d8d2350061ca21f660ef16f8e0e7424

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:33 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1353
vpaid.js
ad.lkqd.net/vpaid/ Frame 4174 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:33 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 21:06:56 GMT
etag
"cca1f428155a1f13b17a4684f2c8ef1c"
x-hw
1649901093.cds288.lo4.hn,1649901093.cds059.lo4.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62015
usync.html
ad.lkqd.net/cookie-sync/ Frame 1970 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 14 Apr 2022 01:51:33 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1649901093.cds288.lo4.hn,1649901093.cds074.lo4.c
ad
v.lkqd.net/ Frame 4174 		74 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1135549&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Frevistaquem.globo.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=92957284&m=&rtv=1&thost=revistaquem.globo.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.115 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
dc5b76f7cd8e048e433f45a59d4519f5df24c8866ea7980b58838a590aed34a5

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 14 Apr 2022 01:51:33 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://revistaquem.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
5626
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1135549&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Frevistaquem.globo.com%2F&dnt=0&c1=&c2=0&c3=1.0%2C1!vidoomy.com%2C59871%2C1%2C&c5=&c6=59871&rnd=92957284&m=&rtv=1&thost=revistaquem.globo.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.115 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://revistaquem.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://revistaquem.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Thu, 14 Apr 2022 01:51:33 GMT
server
nginx
cs
cs.lkqd.net/ Frame 1970
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=6545ada4-83a7-45ef-a10e-39cd1c0dcc16
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=6545ada4-83a7-45ef-a10e-39cd1c0dcc16
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=6545ada4-83a7-45ef-a10e-39cd1c0dcc16
date
Thu, 14 Apr 2022 01:51:33 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 1970 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 1970 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 1970
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7896357961865025998
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7896357961865025998
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7896357961865025998
pragma
no-cache
date
Thu, 14 Apr 2022 01:51:32 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 1970
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=pQHog5hZRXJyywhxFGiggdlAl0Q
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=pQHog5hZRXJyywhxFGiggdlAl0Q
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.192 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=pQHog5hZRXJyywhxFGiggdlAl0Q
Date
Thu, 14 Apr 2022 01:51:33 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://revistaquem.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://revistaquem.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:33 GMT
server
nginx
t
t.lkqd.net/ Frame 38AE 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:33 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
av
vidoomy-d.openx.net/v/1.0/ Frame BA0C 		48 B
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Frevistaquem.globo.com%2F&cb=1956194667&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C78408668283704885501066779081,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:33 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://revistaquem.globo.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
text/xml
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
218945
search.spotxchange.com/vast/2.0/ Frame BA0C 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=http%3A%2F%2Frevistaquem.globo.com%2F&cb=121215574&player_width=400&player_height=225&regs[gdpr]=0&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C78408668283704885501093714624%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:33 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000274
X-SpotX-Timing-SpotMarket
0.006014
X-SpotX-Timing-Page-Mux
0.000213
X-SpotX-Timing-Page-Require
0.000318
X-fe
049
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
Content-Length
77
X-SpotX-Timing-Page
0.008876
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000292
Last-Modified
Thu, 14 Apr 2022 01:51:33 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.006014
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://revistaquem.globo.com
X-SpotX-Timing-Page-Misc
0.001752
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame BA0C 		67 B
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C78408668283704885501255352520,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:33 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1649901092773089-580
Expires
Thu, 14 Apr 2022 01:51:33 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame BA0C 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C19170319777840866828370488550,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
55311cd7d419842cf735cfcd71ad0ce95c25baec490b99a78e269240e0014b8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:33 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1158
x-sticky-vk
1649901093258035-517
Expires
Thu, 14 Apr 2022 01:51:33 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame BA0C 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C78408668283704885501128204519%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4f96151d2175bec22bbe80198929c8b07d52a4ace4a0238564d67574e7630262

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:33 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1192
x-sticky-vk
1649901092874067-574
Expires
Thu, 14 Apr 2022 01:51:33 GMT
7585793
ads.stickyadstv.com/vast/vpaid-adapter/ Frame BA0C 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=0&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C78408668283704885501252269174%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f358522b256e8e0fbf7eaf8d1656e40d342378b397173d37abf1ad070bc32869

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:33 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1192
x-sticky-vk
1649901093461016-571
Expires
Thu, 14 Apr 2022 01:51:33 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame BA0C 		1015 B
890 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0%2C1%21vidoomy.com%2C59871%2C1%2C15874896897840866828370488550%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fe9044144a9e2528f344d160e470b0d0d54023fc9a5314a6691cc6ca6c488be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:33 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23df-5d77a515ac2dc"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://revistaquem.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
628
expires
Thu, 14 Apr 2022 01:51:33 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://revistaquem.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://revistaquem.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:33 GMT
server
nginx
t
t.lkqd.net/ Frame 38AE 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:33 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame 4174 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_a98f4fbf.js
vpaid.springserve.com/production/ Frame 6CB3 		501 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:aa00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8323dcd0d6c7d37f497b52f8a3fe466c47557e24a4a2298fd6dfe45d95e1131

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:20:35 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 14:13:06 GMT
server
AmazonS3
age
473459
etag
W/"6b701f638e0fd2494eaafda977ef4c92"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
-mYYOgUC_xSbtnqN0MrcRKvvZc98b1lo2akFie2KNzxcdzuN0MnSNg==
t
t.lkqd.net/ Frame 38AE 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:33 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://revistaquem.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://revistaquem.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:33 GMT
server
nginx
async_usersync.html
acdn.adnxs.com/dmp/ Frame 51DE 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 14 Apr 2022 01:51:33 GMT
ETag
"623de86a-cf34"
Expires
Fri, 15 Apr 2022 01:51:35 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ Frame 6CB3 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e6809cdc2d43423c1bf1fd341a725f9e59cc5c3b7eb9bf45ddfb41ca61a35f93
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:33 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
bc465eba-3119-4910-8f7c-0f632f864101
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ssusersync
vid.springserve.com/ Frame 6CB3 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/ssusersync
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.225.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-225-4.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8f57c27c59dd99a164f294f700e0bb210f118b46190fba22c7c96b4b41ec5f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Apr 2022 01:51:33 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
4651
content-type
application/javascript
async_usersync
ib.adnxs.com/ Frame 51DE 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:33 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
58db978e-d35a-4816-9379-36d5820921b8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
14048
rtb.gumgum.com/usync/ Frame 1EA6 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Requested by
Host: vid.springserve.com
URL: https://vid.springserve.com/ssusersync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.76.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-76-8.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
78feddd6c0851ce96f7af29ee2a51c3445c276b4ef7ad940d15ac351cd71dacc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 14 Apr 2022 01:51:33 GMT
etag
W/"07bf28331978e6e7f633e0df65a82586e"
server
nginx
timing-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5A59 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Requested by
Host: vid.springserve.com
URL: https://vid.springserve.com/ssusersync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157226
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:33 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 15 Apr 2022 21:31:59 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usersync
sync.springserve.com/ Frame 6CB3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000001%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
  • https://sync.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=7704152931637928568
43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=7704152931637928568
Protocol
H2
Server
54.171.196.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Apr 2022 01:51:33 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:33 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a6782447-8a33-4352-b4db-5d5384820d55
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=7704152931637928568
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
syncb
sync.bfmio.com/ Frame 6CB3 		0
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/syncb?pid=111&gdpr=1&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.97.35 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 14 Apr 2022 01:51:33 GMT
um
cs.emxdgt.com/ Frame 6CB3 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000003%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:33 GMT
content-length
0
content-type
text/html
usersync
sync.springserve.com/ Frame 6CB3
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=184932&gdpr=1&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%2...
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D&gdpr=1&gdpr_consent=&s=184932&us_...
  • https://sync.springserve.com/usersync?aid=1000005&gdpr=1&gdpr_consent=&us_privacy=&uuid=Yld.JZIV6dZRMR1hZNwGRQAA%261106
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000005&gdpr=1&gdpr_consent=&us_privacy=&uuid=Yld.JZIV6dZRMR1hZNwGRQAA%261106
Protocol
H2
Server
54.171.196.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Apr 2022 01:51:33 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.springserve.com/usersync?aid=1000005&gdpr=1&gdpr_consent=&us_privacy=&uuid=Yld.JZIV6dZRMR1hZNwGRQAA%261106
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
319
Expires
Thu, 14 Apr 2022 01:51:33 GMT
sync
pixel.advertising.com/ups/58185/ Frame 6CB3
Redirect Chain
  • https://pixel.advertising.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true
  • https://pixel.advertising.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true&verify=true
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true&verify=true
Protocol
H2
Server
52.59.41.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-41-116.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:33 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://pixel.advertising.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true&verify=true
date
Thu, 14 Apr 2022 01:51:33 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
prebid
rtb.openx.net/sync/ Frame 6CB3 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000008%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24%7BUID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:33 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
p1fg551fhclhaf44fidaq6n466qkphq7
usersync
sync.springserve.com/ Frame 6CB3
Redirect Chain
  • https://bh.contextweb.com/rtset?gdpr=1&gdpr_consent=&us_privacy=&pid=561910&ev=1&rurl=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000011%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uu...
  • https://sync.springserve.com/usersync?aid=1000011&gdpr=1&gdpr_consent=&us_privacy=&uuid=8Kyz2GlMKjA1&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=1
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000011&gdpr=1&gdpr_consent=&us_privacy=&uuid=8Kyz2GlMKjA1&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=1
Protocol
H2
Server
54.171.196.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Apr 2022 01:51:33 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://sync.springserve.com/usersync?aid=1000011&gdpr=1&gdpr_consent=&us_privacy=&uuid=8Kyz2GlMKjA1&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-84dd458cf8-vrh4b
expires
-1
usersync
sync.springserve.com/ Frame 6CB3
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BRX_...
  • https://sync.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT
Protocol
H2
Server
54.171.196.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Apr 2022 01:51:33 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:33 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://sync.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
us.gif
sync.go.sonobi.com/ Frame 6CB3 		49 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?gdpr=1&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000013%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BUID%5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:33 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
usersync
sync.springserve.com/ Frame 6CB3
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&gdpr_consent=&us_privacy=&adv_id=8593&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000014%26gdpr%3D1%26gdpr_consent%3D%26us_privac...
  • https://sync.springserve.com/usersync?aid=1000014&gdpr=1&gdpr_consent=&us_privacy=&uuid=64f7e13e-bb95-11ec-9ac0-1189f5600506
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000014&gdpr=1&gdpr_consent=&us_privacy=&uuid=64f7e13e-bb95-11ec-9ac0-1189f5600506
Protocol
H2
Server
54.171.196.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Apr 2022 01:51:33 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

Date
Thu, 14 Apr 2022 01:51:33 GMT
Server
nginx
Location
https://sync.springserve.com/usersync?aid=1000014&gdpr=1&gdpr_consent=&us_privacy=&uuid=64f7e13e-bb95-11ec-9ac0-1189f5600506
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
52
Connection
keep-alive
Content-Length
0
verify
pbs.publishers.tremorhub.com/pubsync/ Frame 6CB3
Redirect Chain
  • https://pbs.publishers.tremorhub.com/pubsync?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid...
  • https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D...
43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.publishers.tremorhub.com/pubsync/verify?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Btvid%5D
Protocol
H2
Server
2600:1f18:612b:4232:6e00:7b23:6545:3513 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:33 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

location
pubsync/verify?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Btvid%5D
date
Thu, 14 Apr 2022 01:51:33 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
usersync
sync.springserve.com/ Frame 6CB3
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000016%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000016%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
  • https://sync.springserve.com/usersync?aid=1000016&gdpr=1&gdpr_consent=&us_privacy=&uuid=1481605999243655540028
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000016&gdpr=1&gdpr_consent=&us_privacy=&uuid=1481605999243655540028
Protocol
H2
Server
54.171.196.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Apr 2022 01:51:33 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

location
https://sync.springserve.com/usersync?aid=1000016&gdpr=1&gdpr_consent=&us_privacy=&uuid=1481605999243655540028
date
Thu, 14 Apr 2022 01:51:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pbsync
ads.yieldmo.com/ Frame 6CB3 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/pbsync?gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000017%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.116.54 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:34 GMT
occ
ups.analytics.yahoo.com/ups/58518/ Frame 6CB3 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58518/occ?gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:33 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 6CB3 		985 B
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
41cf19d46a66e868f5d95cb4901a0e16f5c3fa8aab7a729ba3c4b5f528bfa48c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:33 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23df-5d77a515ac2dc"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://revistaquem.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
607
expires
Thu, 14 Apr 2022 01:51:33 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 02B5 		154 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
40aaf0eb0de13818be02702077190a882dac4618d58d16646ad8a056423b788c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:33 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 09:04:51 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-266bf-5dc715a7e7371"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36738
usersync
sync.springserve.com/ Frame DE50 		43 B
205 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.springserve.com/usersync?aid=1000010&gdpr=1&gdpr_consent=&us_privacy=&uuid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.196.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-length
43
content-type
image/gif
date
Thu, 14 Apr 2022 01:51:33 GMT
server
nginx
usersync
rtb.gumgum.com/ Frame 1EA6
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=7704152931637928568
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=7704152931637928568
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
34.248.76.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-76-8.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:33 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:33 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7924b378-f298-4708-9dc3-572074f27608
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=7704152931637928568
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 1EA6 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_4c91ee17-416b-4afe-83e4-92245583aca5&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.19.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-19-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cookie-sync
sync.outbrain.com/ Frame 1EA6
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%283Wrph3i1u-ZjEvvjzZwKTrifJGNFrClfGDk4GGHCKTwW8kcjAaqSAfhsMPRASLir%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_4c91ee17-416b-4afe-83e4-92245583aca5&obuid=ENC(3Wrph3i1u-ZjEvvjzZwKTrifJGNFrClfGDk4GGHCKTwW8kcjAaqSAfhsMPRASLir)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3Duuid%3D%5BRX_UUID%5D%26obUid%3D3Wrph3i1u-ZjEvvjzZwKTrifJGNFrClfGDk4GGHC...
  • https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&zcc=1&cb=1649901094847
  • https://sync.outbrain.com/cookie-sync?p=unruly&uid=OPTOUT&obUid=$D
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=unruly&uid=OPTOUT&obUid=$D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
HTTP/1.1
Server
70.42.32.127 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:34 GMT
Cache-Control
no-cache
X-TraceId
6edba45b164da184849044a895e3f588
Content-Length
0

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:34 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://sync.outbrain.com/cookie-sync?p=unruly&uid=OPTOUT&obUid=$D
cache-control
no-store, no-cache, must-revalidate
expires
0
cm
us-u.openx.net/w/1.0/ Frame 1EA6 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:33 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
sync.srv.stackadapt.com/ Frame 1EA6 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.3.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-3-24.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:33 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usersync
rtb.gumgum.com/ Frame 1EA6
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-FiF5Y75E2pfqBnICWz5g1hQOJqtHrrZnFG5.~A
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-FiF5Y75E2pfqBnICWz5g1hQOJqtHrrZnFG5.~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
34.248.76.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-76-8.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:34 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Thu, 14 Apr 2022 01:51:33 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-FiF5Y75E2pfqBnICWz5g1hQOJqtHrrZnFG5.~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
rtb.gumgum.com/ Frame 1EA6
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=69d635b5-bb95-11ec-b279-83219ceaa7a0
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=69d635b5-bb95-11ec-b279-83219ceaa7a0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
34.248.76.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-76-8.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:34 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=69d635b5-bb95-11ec-b279-83219ceaa7a0
Date
Thu, 14 Apr 2022 01:51:33 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
69d635b6-bb95-11ec-b279-83219ceaa7a0
services
sync.technoratimedia.com/ Frame 1EA6 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.130.38 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:34 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
608276091
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 1EA6 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:33 GMT
content-length
0
server
a
usersync
rtb.gumgum.com/ Frame 1EA6
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_4c91ee17-416b-4afe-83e4-92245583aca5&gdpr=1&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
34.248.76.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-76-8.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:34 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
78
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 1EA6
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=f5fd84f1-fcdf-452c-9db4-460a6f60a0bf
35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=f5fd84f1-fcdf-452c-9db4-460a6f60a0bf
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
HTTP/1.1
Server
34.241.76.6 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:33 GMT
server
envoy
content-type
image/gif
cache-control
private, no-store, must-revalidate, max-age=0
x-envoy-upstream-service-time
5
x-region
ireland
content-length
35
expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=f5fd84f1-fcdf-452c-9db4-460a6f60a0bf
date
Thu, 14 Apr 2022 01:51:34 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame 1EA6
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
  • https://sync.1rx.io/usersync2/floor6?zcc=1&cb=1649901093931
  • https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
34.248.76.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-76-8.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:34 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:33 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
rtb.gumgum.com/ Frame 1EA6
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=aMW0rjWsfaht&ev=1&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=aMW0rjWsfaht&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
34.248.76.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-76-8.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:34 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://rtb.gumgum.com/usersync?b=pln&i=aMW0rjWsfaht&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-84dd458cf8-vrh4b
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame 1EA6 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.122 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:33 GMT
content-length
0
usersync
sync.springserve.com/ Frame 1EA6 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000004&gdpr=1&gdpr_consent=&us_privacy=&uuid=e_4c91ee17-416b-4afe-83e4-92245583aca5
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.196.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Apr 2022 01:51:33 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
usersync
rtb.gumgum.com/ Frame AFD8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=18576257-7e1d-4600-b186-4b87cea796dd&gdpr=1&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=18576257-7e1d-4600-b186-4b87cea796dd&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.76.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-76-8.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Thu, 14 Apr 2022 01:51:34 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 14 Apr 2022 01:51:33 GMT
Expires
Thu, 14 Apr 2022 01:51:32 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4335 2c68c00 master ord-pixel-x18 config:1.0.0
location
https://rtb.gumgum.com/usersync?b=mmh&i=18576257-7e1d-4600-b186-4b87cea796dd&gdpr=1&gdpr_consent=
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame A9B3 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 14 Apr 2022 01:51:34 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4028-HHN
x-timer
S1649901094.929515,VS0,VE94
pixel
cm.g.doubleclick.net/ Frame 559F 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80YzkxZWUxNy00MTZiLTRhZmUtODNlNC05MjI0NTU4M2FjYTU=&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 01:51:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C6E1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157226
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:33 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 15 Apr 2022 21:31:59 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 6BE8 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 14 Apr 2022 01:51:33 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usync.html
eus.rubiconproject.com/ Frame 8F03
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Apr 2022 01:51:33 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 14 Apr 2022 01:51:33 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
um
cs.emxdgt.com/ Frame C04A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html
date
Thu, 14 Apr 2022 01:51:33 GMT
usersync
rtb.gumgum.com/ Frame C8EE
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=Yld.JsCo8X0AAOJfg40AAAAA
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=Yld.JsCo8X0AAOJfg40AAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.76.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-76-8.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Thu, 14 Apr 2022 01:51:34 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 14 Apr 2022 01:51:34 GMT
Location
https://rtb.gumgum.com/usersync?b=sus&i=Yld.JsCo8X0AAOJfg40AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
56
X-SO-HostName
a-ad40072.dc2p.scaleout.jp
X-SO-IP
217.64.151.68
X-SO-Key
Yld.JsCo8X0AAOJfg40AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":56,"gdpr":true,"ipv4":"0.0.0.0","key":"Yld.JsCo8X0AAOJfg40AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40072"}
X-SO-LB-Hostname
m-tgng25.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40072
usersync
rtb.gumgum.com/ Frame 569D
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=8opCbLz1Th8XQmx5u6rL&pi=gumgum&tc=1
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=8opCbLz1Th8XQmx5u6rL&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.76.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-76-8.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Thu, 14 Apr 2022 01:51:34 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 14 Apr 2022 01:51:33 GMT Thu, 14 Apr 2022 01:51:33 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=8opCbLz1Th8XQmx5u6rL&pi=gumgum&tc=1
pragma
no-cache
showad.js
ads.pubmatic.com/AdServer/js/ Frame 89B9 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=81762
content-encoding
gzip
content-length
13941
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:33 GMT
etag
"1302647-96a7-5da3b2ade946f"
expires
Fri, 15 Apr 2022 00:34:15 GMT
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 02B5 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:33 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96a7-5da3b2ade946f"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=81762
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13941
expires
Fri, 15 Apr 2022 00:34:15 GMT
usync.js
eus.rubiconproject.com/ Frame 8F03 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
92db40d16cb8ca6e243d000bc0a2f249aeb503b3109c6ea0d5892f531204c078

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42065
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9542
Expires
Thu, 14 Apr 2022 13:32:39 GMT
usersync
usersync.gumgum.com/ Frame 5348 		35 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.76.6 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif
date
Thu, 14 Apr 2022 01:51:33 GMT
expires
0
pragma
no-cache
server
envoy
x-envoy-upstream-service-time
5
x-region
ireland
sync.php
pixel.rubiconproject.com/exchange/ Frame 8F03 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L1YCI8FD-1G-5SWN
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 02B5 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,&us_privacy=&cb=1649901095455&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Frevistaquem.globo.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Frevistaquem.globo.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-4-14%201:51:36&ranreq=0.22573520235097244&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:34 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
web
onesignal.com/api/v1/sync/58b810d3-12bc-4b9d-9b95-0c26ba88404c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/58b810d3-12bc-4b9d-9b95-0c26ba88404c/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26dc3fe44f9b1a9e39ba2d7946b5d0a96a1dcf95651c2f85bae51c46e59c4628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://revistaquem.globo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-permitted-cross-domain-policies
none
status
200 OK
x-envoy-upstream-service-time
25
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
c58340bb-7f62-4322-8d58-c374f2f27826
x-runtime
0.024595
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"26dc3fe44f9b1a9e39ba2d7946b5d0a9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-download-options
noopen
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6fb8cc10f90983a0-MXP
access-control-allow-headers
SDK-Version
expires
Thu, 14 Apr 2022 02:51:34 GMT
editora
horizon-track.globo.com/event/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://horizon-track.globo.com/event/editora
Requested by
Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.79.33 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
33.79.211.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryaf28auWcW5Ydv0DW

Response headers
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 6CB3 		985 B
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
403ea6924e31024aed5cc65a54077870bf6ed5ec8fd8d44485c5fedef2ffc59a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:34 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23df-5d77a515ac2dc"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://revistaquem.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
608
expires
Thu, 14 Apr 2022 01:51:34 GMT
track
aktrack.pubmatic.com/ Frame 6CB3 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1649901093&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:34 GMT
content-length
0
content-type
text/html
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame D41D 		154 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
40aaf0eb0de13818be02702077190a882dac4618d58d16646ad8a056423b788c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:34 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 09:04:51 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-266bf-5dc715a7e7371"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36738
showad.js
ads.pubmatic.com/AdServer/js/ Frame 2677 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=81761
content-encoding
gzip
content-length
13941
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:34 GMT
etag
"1302647-96a7-5da3b2ade946f"
expires
Fri, 15 Apr 2022 00:34:15 GMT
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame D41D 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:34 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96a7-5da3b2ade946f"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=81761
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13941
expires
Fri, 15 Apr 2022 00:34:15 GMT
async_usersync
ib.adnxs.com/ Frame 51DE 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:34 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
92e7795a-1499-4a02-acb3-d86f9fd2ea0a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
OneSignalSDKWorker.js
revistaquem.globo.com/ Frame 		0
0
AdServerServlet
vid.pubmatic.com/AdServer/ Frame D41D 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,&us_privacy=&cb=1649901096163&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Frevistaquem.globo.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Frevistaquem.globo.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-4-14%201:51:36&ranreq=0.8559106822053595&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:35 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
i
vid-io-cle.springserve.com/vd/ Frame 6CB3 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=b792ba9e&ps_id=487310&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.212.22 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-212-22.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:35 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
track
aktrack.pubmatic.com/ Frame 6CB3 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1649901094&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:35 GMT
content-length
0
content-type
text/html
vpaid_a98f4fbf.js
vpaid.springserve.com/production/ Frame 9EBF 		501 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:aa00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8323dcd0d6c7d37f497b52f8a3fe466c47557e24a4a2298fd6dfe45d95e1131

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:20:35 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 14:13:06 GMT
server
AmazonS3
age
473461
etag
W/"6b701f638e0fd2494eaafda977ef4c92"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
SkG7yCT8gfZTAL_6uEq2UhZLON4VPpVn7ZQPy2j_SKz-szAaLK1arw==
async_usersync.html
acdn.adnxs.com/dmp/ Frame 618C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 14 Apr 2022 01:51:35 GMT
ETag
"623de86a-cf34"
Expires
Fri, 15 Apr 2022 01:51:37 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 9EBF 		985 B
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
61f2c377b1c025f819f49dadef6fe1c4b6eb2e340c4cbe9c70f5d43b6e95a598

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:35 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23df-5d77a515ac2dc"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://revistaquem.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
608
expires
Thu, 14 Apr 2022 01:51:35 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 9EBF 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b86ed51fae7de953cf4b0940c6edfc04611befeb61cfd913b736ff079250d83e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:35 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
dc1426a7-ef99-4a6a-be99-e724f77f3f28
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ssusersync
vid.springserve.com/ Frame 9EBF 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vid.springserve.com/ssusersync
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.225.4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-225-4.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8f57c27c59dd99a164f294f700e0bb210f118b46190fba22c7c96b4b41ec5f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Apr 2022 01:51:35 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
4651
content-type
application/javascript
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 1A98 		154 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
40aaf0eb0de13818be02702077190a882dac4618d58d16646ad8a056423b788c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:35 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 09:04:51 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-266bf-5dc715a7e7371"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36738
async_usersync
ib.adnxs.com/ Frame 618C 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:35 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4a133ed1-00e8-49c6-99d1-ae789b5b2eac
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t
t.lkqd.net/ Frame 38AE 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:35 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
usersync
sync.springserve.com/ Frame 9EBF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000001%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
  • https://sync.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=7704152931637928568
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=7704152931637928568
Protocol
H2
Server
54.171.196.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Apr 2022 01:51:35 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:35 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fa2c1e5d-d389-4460-a0c2-9d45d7dc4470
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.springserve.com/usersync?aid=1000001&gdpr=1&gdpr_consent=&us_privacy=&uuid=7704152931637928568
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
sync.springserve.com/ Frame 9EBF
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=184932&gdpr=1&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000005%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%2...
  • https://sync.springserve.com/usersync?aid=1000005&gdpr=1&gdpr_consent=&us_privacy=&uuid=Yld.JZIV6dZRMR1hZNwGRQAA%261106
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000005&gdpr=1&gdpr_consent=&us_privacy=&uuid=Yld.JZIV6dZRMR1hZNwGRQAA%261106
Protocol
H2
Server
54.171.196.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Apr 2022 01:51:35 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.springserve.com/usersync?aid=1000005&gdpr=1&gdpr_consent=&us_privacy=&uuid=Yld.JZIV6dZRMR1hZNwGRQAA%261106
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
319
Expires
Thu, 14 Apr 2022 01:51:35 GMT
prebid
rtb.openx.net/sync/ Frame 9EBF 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000008%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24%7BUID%7D
Requested by
Host: vid.springserve.com
URL: https://vid.springserve.com/ssusersync
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:34 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
dctkn7betlelp2c8kfoguj9c8issdrq2
usersync
sync.springserve.com/ Frame 9EBF
Redirect Chain
  • https://bh.contextweb.com/rtset?gdpr=1&gdpr_consent=&us_privacy=&pid=561910&ev=1&rurl=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000011%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uu...
  • https://sync.springserve.com/usersync?aid=1000011&gdpr=1&gdpr_consent=&us_privacy=&uuid=UjB2HmLT2HBI&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=1
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000011&gdpr=1&gdpr_consent=&us_privacy=&uuid=UjB2HmLT2HBI&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=1
Protocol
H2
Server
54.171.196.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Apr 2022 01:51:35 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://sync.springserve.com/usersync?aid=1000011&gdpr=1&gdpr_consent=&us_privacy=&uuid=UjB2HmLT2HBI&ev=1&us_privacy=&gdpr_consent=&pid=561910&gdpr=1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-84dd458cf8-vrh4b
expires
-1
usersync
sync.springserve.com/ Frame 9EBF
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000012%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BRX_...
  • https://sync.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT
Protocol
H2
Server
54.171.196.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Apr 2022 01:51:35 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:35 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://sync.springserve.com/usersync?aid=1000012&gdpr=1&gdpr_consent=&us_privacy=&uuid=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
us.gif
sync.go.sonobi.com/ Frame 9EBF 		49 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?gdpr=1&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000013%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5BUID%5D
Requested by
Host: vid.springserve.com
URL: https://vid.springserve.com/ssusersync
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:35 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
usersync
sync.springserve.com/ Frame 9EBF
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&gdpr_consent=&us_privacy=&adv_id=8593&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000014%26gdpr%3D1%26gdpr_consent%3D%26us_privac...
  • https://sync.springserve.com/usersync?aid=1000014&gdpr=1&gdpr_consent=&us_privacy=&uuid=64f7e13e-bb95-11ec-9ac0-1189f5600506
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000014&gdpr=1&gdpr_consent=&us_privacy=&uuid=64f7e13e-bb95-11ec-9ac0-1189f5600506
Protocol
H2
Server
54.171.196.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Apr 2022 01:51:35 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

Date
Thu, 14 Apr 2022 01:51:35 GMT
Server
nginx
Location
https://sync.springserve.com/usersync?aid=1000014&gdpr=1&gdpr_consent=&us_privacy=&uuid=64f7e13e-bb95-11ec-9ac0-1189f5600506
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
89
Connection
keep-alive
Content-Length
0
pubsync
pbs.publishers.tremorhub.com/ Frame 9EBF 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.publishers.tremorhub.com/pubsync?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000015%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%5Btvid%5D
Requested by
Host: vid.springserve.com
URL: https://vid.springserve.com/ssusersync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:6e00:7b23:6545:3513 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:35 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
usersync
sync.springserve.com/ Frame 9EBF
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000016%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
  • https://sync.springserve.com/usersync?aid=1000016&gdpr=1&gdpr_consent=&us_privacy=&uuid=1481605999243655540028
43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000016&gdpr=1&gdpr_consent=&us_privacy=&uuid=1481605999243655540028
Protocol
H2
Server
54.171.196.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Apr 2022 01:51:35 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif

Redirect headers

location
https://sync.springserve.com/usersync?aid=1000016&gdpr=1&gdpr_consent=&us_privacy=&uuid=1481605999243655540028
date
Thu, 14 Apr 2022 01:51:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://revistaquem.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://revistaquem.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:35 GMT
server
nginx
14048
rtb.gumgum.com/usync/ Frame 7101 		2 KB
966 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Requested by
Host: vid.springserve.com
URL: https://vid.springserve.com/ssusersync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.76.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-76-8.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0c8fc1e3cf523bb50d8c1901200aa315de482d48c04b34a53908482e4976b06d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 14 Apr 2022 01:51:35 GMT
etag
W/"0565020ec2858365e8ec446c3d46c09e3"
server
nginx
timing-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8354 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Requested by
Host: vid.springserve.com
URL: https://vid.springserve.com/ssusersync
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157224
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:35 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 15 Apr 2022 21:31:59 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
syncb
sync.bfmio.com/ Frame 9EBF 		0
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/syncb?pid=111&gdpr=1&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.97.35 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 14 Apr 2022 01:51:34 GMT
um
cs.emxdgt.com/ Frame 9EBF 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000003%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:35 GMT
content-length
0
content-type
text/html
sync
pixel.advertising.com/ups/58185/ Frame 9EBF 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/58185/sync?&gdpr=1&gdpr_consent=&us_privacy=&redir=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.41.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-41-116.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:35 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pbsync
ads.yieldmo.com/ Frame 9EBF 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/pbsync?gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000017%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.116.54 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:35 GMT
occ
ups.analytics.yahoo.com/ups/58518/ Frame 9EBF 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58518/occ?gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:35 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1B50 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=81760
content-encoding
gzip
content-length
13941
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:35 GMT
etag
"1302647-96a7-5da3b2ade946f"
expires
Fri, 15 Apr 2022 00:34:15 GMT
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1A98 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:35 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96a7-5da3b2ade946f"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=81760
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13941
expires
Fri, 15 Apr 2022 00:34:15 GMT
sync
x.bidswitch.net/ Frame 7101 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_4c91ee17-416b-4afe-83e4-92245583aca5&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.19.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-19-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cm
us-u.openx.net/w/1.0/ Frame 7101 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:35 GMT
content-encoding
gzip
server
OXGW/18.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
sync
sync.srv.stackadapt.com/ Frame 7101 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.3.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-3-24.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:35 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
services
sync.technoratimedia.com/ Frame 7101 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.130.38 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:35 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
376620926
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 7101 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:35 GMT
content-length
0
server
a
usersync
rtb.gumgum.com/ Frame 7101
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_4c91ee17-416b-4afe-83e4-92245583aca5&gdpr=1&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Server
34.248.76.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-76-8.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:35 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
78
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 7101
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=f5fd84f1-fcdf-452c-9db4-460a6f60a0bf
35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=f5fd84f1-fcdf-452c-9db4-460a6f60a0bf
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
HTTP/1.1
Server
34.241.76.6 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:35 GMT
server
envoy
content-type
image/gif
cache-control
private, no-store, must-revalidate, max-age=0
x-envoy-upstream-service-time
5
x-region
ireland
content-length
35
expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=f5fd84f1-fcdf-452c-9db4-460a6f60a0bf
date
Thu, 14 Apr 2022 01:51:35 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
ssbsync.smartadserver.com/api/ Frame 7101 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.122 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:34 GMT
content-length
0
usersync
sync.springserve.com/ Frame 7101 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000004&gdpr=1&gdpr_consent=&us_privacy=&uuid=e_4c91ee17-416b-4afe-83e4-92245583aca5
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.196.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 14 Apr 2022 01:51:35 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
usersync
sync.springserve.com/ Frame 19BF 		43 B
205 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.springserve.com/usersync?aid=1000010&gdpr=1&gdpr_consent=&us_privacy=&uuid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=1&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000010%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.196.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-length
43
content-type
image/gif
date
Thu, 14 Apr 2022 01:51:35 GMT
server
nginx
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 13D4 		85 B
169 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Thu, 14 Apr 2022 01:51:35 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4028-HHN
x-timer
S1649901096.623295,VS0,VE89
pixel
cm.g.doubleclick.net/ Frame A735 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80YzkxZWUxNy00MTZiLTRhZmUtODNlNC05MjI0NTU4M2FjYTU=&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 14 Apr 2022 01:51:35 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/ Frame F8DA 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 14 Apr 2022 01:51:35 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usync.html
eus.rubiconproject.com/ Frame 696A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Apr 2022 01:51:35 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 14 Apr 2022 01:51:35 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
um
cs.emxdgt.com/ Frame 314C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/14048?gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000004%26gdpr%3D1%26gdpr_consent%3D%26us_privacy%3D%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html
date
Thu, 14 Apr 2022 01:51:35 GMT
usync.js
eus.rubiconproject.com/ Frame 696A 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
92db40d16cb8ca6e243d000bc0a2f249aeb503b3109c6ea0d5892f531204c078

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42064
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9542
Expires
Thu, 14 Apr 2022 13:32:39 GMT
ecm3
s.amazon-adsystem.com/ Frame 696A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_VL5fRfxRFe4MYSMiqJqgA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_VL5fRfxRFe4MYSMiqJqgA
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_VL5fRfxRFe4MYSMiqJqgA
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:36 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
WJ6GCFGWZW2EFVZPQ63B
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_VL5fRfxRFe4MYSMiqJqgA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 696A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
usermatch.gif
beacon.krxd.net/ Frame 696A
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=27384
  • https://beacon.krxd.net/usermatch.gif?partner=rubicon&partner_uid=L1YCI8FD-1G-5SWN
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=rubicon&partner_uid=L1YCI8FD-1G-5SWN
Protocol
H2
Server
52.50.214.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-214-249.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:35 GMT
cache-control
private, no-cache, no-store
x-request-time
D=69 t=1649901095
x-served-by
beacon-n019-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://beacon.krxd.net/usermatch.gif?partner=rubicon&partner_uid=L1YCI8FD-1G-5SWN
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 696A
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=A3BDC2EA93AF4364963906C238B29D73&expires=365
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=A3BDC2EA93AF4364963906C238B29D73&expires=365
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

date
Thu, 14 Apr 2022 01:51:35 GMT
x-content-type-options
nosniff
server
nginx
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=A3BDC2EA93AF4364963906C238B29D73&expires=365
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Wed, 13 Apr 2022 01:51:35 GMT
tap.php
pixel.rubiconproject.com/ Frame 696A
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=69d635b5-bb95-11ec-b279-83219ceaa7a0&expires=30
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=69d635b5-bb95-11ec-b279-83219ceaa7a0&expires=30
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=69d635b5-bb95-11ec-b279-83219ceaa7a0&expires=30
Date
Thu, 14 Apr 2022 01:51:35 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
6ad1ad30-bb95-11ec-ab6a-758556ee574a
tap.php
pixel.rubiconproject.com/ Frame 696A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=18576257-7e1d-4600-b186-4b87cea796dd&expires=28
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=18576257-7e1d-4600-b186-4b87cea796dd&expires=28
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

Date
Thu, 14 Apr 2022 01:51:35 GMT
Server
MT3 4335 2c68c00 master ord-pixel-x2 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=18576257-7e1d-4600-b186-4b87cea796dd&expires=28
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 14 Apr 2022 01:51:34 GMT
tap.php
pixel.rubiconproject.com/ Frame 696A
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30
  • https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=N1yNz4lE1NEODS5&expires=30
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=N1yNz4lE1NEODS5&expires=30
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:35 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0ae965e2f8a6b4310@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://pixel.rubiconproject.com/tap.php?v=4210&nid=1523&put=N1yNz4lE1NEODS5&expires=30
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 696A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7896357961865025998&expires=60&gdpr=0&gdpr_consent=
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7896357961865025998&expires=60&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=7896357961865025998&expires=60&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 14 Apr 2022 01:51:35 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 1A98 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,&us_privacy=&cb=1649901097054&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Frevistaquem.globo.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Frevistaquem.globo.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-4-14%201:51:37&ranreq=0.9945225621795537&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:36 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 9EBF 		985 B
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
92619628c982680513ddea4f7e6e018dca7ffead1446acb143f49d78af4b8f93

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:36 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23df-5d77a515ac2dc"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://revistaquem.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
607
expires
Thu, 14 Apr 2022 01:51:36 GMT
track
aktrack.pubmatic.com/ Frame 9EBF 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1649901095&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:36 GMT
content-length
0
content-type
text/html
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 8318 		154 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
40aaf0eb0de13818be02702077190a882dac4618d58d16646ad8a056423b788c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:36 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 09:04:51 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-266bf-5dc715a7e7371"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36738
showad.js
ads.pubmatic.com/AdServer/js/ Frame D688 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=81759
content-encoding
gzip
content-length
13941
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:36 GMT
etag
"1302647-96a7-5da3b2ade946f"
expires
Fri, 15 Apr 2022 00:34:15 GMT
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 8318 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:36 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96a7-5da3b2ade946f"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=81759
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13941
expires
Fri, 15 Apr 2022 00:34:15 GMT
async_usersync
ib.adnxs.com/ Frame 618C 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:36 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
27b4d6f5-fee2-4101-a9f8-755a4b25c736
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
OpportunityServlet
am-vid-events.taboola.com/ 		1 B
124 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_5_8/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:36 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 8318 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,&us_privacy=&cb=1649901097712&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Frevistaquem.globo.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Frevistaquem.globo.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-4-14%201:51:38&ranreq=0.24073189685836938&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:36 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
i
vid-io-cle.springserve.com/vd/ Frame 9EBF 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=b69a8041&ps_id=356921&batch=1
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.141.212.22 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-212-22.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:36 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
access-control-allow-methods
GET, OPTIONS
track
aktrack.pubmatic.com/ Frame 9EBF 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1649901096&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:36 GMT
content-length
0
content-type
text/html
vpaid_a98f4fbf.js
vpaid.springserve.com/production/ Frame 9923 		501 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:aa00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a8323dcd0d6c7d37f497b52f8a3fe466c47557e24a4a2298fd6dfe45d95e1131

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 14:20:35 GMT
content-encoding
br
last-modified
Fri, 08 Apr 2022 14:13:06 GMT
server
AmazonS3
age
473462
etag
W/"6b701f638e0fd2494eaafda977ef4c92"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
cache-control
max-age=2678400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
OjwFV_yYPrSd1ePB5TlS9a8lw_QCONLYol-S8AQlRKeeDi2TElMFDw==
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 9923 		985 B
869 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
92619628c982680513ddea4f7e6e018dca7ffead1446acb143f49d78af4b8f93

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:36 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23df-5d77a515ac2dc"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://revistaquem.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
607
expires
Thu, 14 Apr 2022 01:51:36 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 9923 		166 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4f73a51ca7ffa8218ed38de84ae75c69c2cec2a75be6d44ae7716a35799d8216
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:37 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e2ab6d95-5983-43f9-a054-ef48ed7c0b56
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://revistaquem.globo.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
166
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 00F8 		154 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
40aaf0eb0de13818be02702077190a882dac4618d58d16646ad8a056423b788c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:37 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 09:04:51 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-266bf-5dc715a7e7371"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36738
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7495 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=81758
content-encoding
gzip
content-length
13941
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:37 GMT
etag
"1302647-96a7-5da3b2ade946f"
expires
Fri, 15 Apr 2022 00:34:15 GMT
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 00F8 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:37 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96a7-5da3b2ade946f"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=81758
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13941
expires
Fri, 15 Apr 2022 00:34:15 GMT
t
t.lkqd.net/ Frame 38AE 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://revistaquem.globo.com
date
Thu, 14 Apr 2022 01:51:37 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://revistaquem.globo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://revistaquem.globo.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:37 GMT
server
nginx
996.json
id5-sync.com/g/v2/ Frame AC7B 		213 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/996.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.40 , France, ASN16276 (OVH, FR),
Reverse DNS
p17.id5-sync.com
Software
/
Resource Hash
e69be500b8ee1401e7d19efc64d14edf082ab12c8a2cae8eec3f3bcd49284060
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://revistaquem.globo.com
Date
Thu, 14 Apr 2022 01:51:36 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame AC7B 		44 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Apr 2022 01:51:37 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://revistaquem.globo.com
access-control-allow-credentials
true
alt-svc
clear
content-length
44
id
id.crwdcntrl.net/ Frame AC7B 		63 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
5b12f0e24608e6b90ace039c2cf451cc73ae962387727fa20b257759e525ea8b

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:37 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache
x-server
10.45.25.69
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ Frame AC7B 		108 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
a1d30a6c6ed7af88ca43e0026375d4653dfeb13349d15df47ed2bcf2998994ef

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Apr 2022 01:51:37 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sat, 14 May 2022 01:51:37 GMT
996.json
id5-sync.com/g/v2/ Frame 37CB 		213 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/996.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.40 , France, ASN16276 (OVH, FR),
Reverse DNS
p17.id5-sync.com
Software
/
Resource Hash
15d5272370e339f9c6321d1ee27d7891748e46b9762c32535800344220de1d8c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://revistaquem.globo.com
Date
Thu, 14 Apr 2022 01:51:36 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 37CB 		63 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
9e777473fa9da8997b8fd0bdf78fe718a5d0ed18ab59340ab66bd9eb09318ade

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:37 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache
x-server
10.45.25.249
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ Frame 37CB 		108 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
a1d30a6c6ed7af88ca43e0026375d4653dfeb13349d15df47ed2bcf2998994ef

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Apr 2022 01:51:37 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sat, 14 May 2022 01:51:37 GMT
996.json
id5-sync.com/g/v2/ Frame 3449 		213 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/996.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.40 , France, ASN16276 (OVH, FR),
Reverse DNS
p17.id5-sync.com
Software
/
Resource Hash
29a7acb3f87061fbdf4eddbf36f35650ea73bb93b20848a5c39aba88c8ba3896
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://revistaquem.globo.com
Date
Thu, 14 Apr 2022 01:51:36 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 3449 		63 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.103.128 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
d1d7dd47633b88cf806a22dd7349117acd506dfbd276bcab76f9f694ad06ca66

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:37 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-cache
x-server
10.45.28.49
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ Frame 3449 		108 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
a1d30a6c6ed7af88ca43e0026375d4653dfeb13349d15df47ed2bcf2998994ef

Request headers

Referer
https://revistaquem.globo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 14 Apr 2022 01:51:37 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://revistaquem.globo.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sat, 14 May 2022 01:51:37 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 00F8 		27 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,&us_privacy=&cb=1649901098528&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Frevistaquem.globo.com%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Frevistaquem.globo.com%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2022-4-14%201:51:39&ranreq=0.9740078297568393&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:37 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://revistaquem.globo.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
checksync.php
contextual.media.net/ Frame E9C5 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C173%2C251%2C175%2C178%2C157%2C3018%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C117%2C337%2C338%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ef665350f1f5c87587348157e4a16122de38b01eed69df6f110482ff3ed4fdeb
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=121681
content-encoding
gzip
content-length
8225
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:37 GMT
expires
Fri, 15 Apr 2022 11:39:38 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame 5BFF 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Apr 2022 01:51:37 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1AE1 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 14 Apr 2022 01:51:37 GMT
ETag
"623de86a-cf34"
Expires
Fri, 15 Apr 2022 01:51:39 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C7EA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157222
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:37 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 15 Apr 2022 21:31:59 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 5BFF 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
92db40d16cb8ca6e243d000bc0a2f249aeb503b3109c6ea0d5892f531204c078

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42062
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9542
Expires
Thu, 14 Apr 2022 13:32:39 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 9923 		985 B
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_a98f4fbf.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2002f5efec2e7f5bfbd9563863a45a4f2b15ac2dcef9df77cdc267e64532d8ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:37 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23df-5d77a515ac2dc"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://revistaquem.globo.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
608
expires
Thu, 14 Apr 2022 01:51:37 GMT
track
aktrack.pubmatic.com/ Frame 9923 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1649901096&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:37 GMT
content-length
0
content-type
text/html
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AF17 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157222
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:37 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 15 Apr 2022 21:31:59 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame B99C 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C173%2C251%2C175%2C178%2C157%2C3018%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C117%2C337%2C338%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ef665350f1f5c87587348157e4a16122de38b01eed69df6f110482ff3ed4fdeb
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=121681
content-encoding
gzip
content-length
8225
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:37 GMT
expires
Fri, 15 Apr 2022 11:39:38 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame 82CB 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Apr 2022 01:51:37 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9EB0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 14 Apr 2022 01:51:37 GMT
ETag
"623de86a-cf34"
Expires
Fri, 15 Apr 2022 01:51:39 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 1AE1 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:37 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c91e6e52-9967-4529-bd86-bd5f4404e7a9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 1145 		154 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
40aaf0eb0de13818be02702077190a882dac4618d58d16646ad8a056423b788c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:37 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 09:04:51 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-266bf-5dc715a7e7371"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
36738
usync.js
eus.rubiconproject.com/ Frame 82CB 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
92db40d16cb8ca6e243d000bc0a2f249aeb503b3109c6ea0d5892f531204c078

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42062
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9542
Expires
Thu, 14 Apr 2022 13:32:39 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame B597 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 14 Apr 2022 01:51:37 GMT
ETag
"623de86a-cf34"
Expires
Fri, 15 Apr 2022 01:51:39 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 70AB 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 14 Apr 2022 01:51:37 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CA71 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157163
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=157222
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:37 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 15 Apr 2022 21:31:59 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame A019 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU2410EL&prvid=2034%2C2033%2C2030%2C173%2C251%2C175%2C178%2C157%2C3018%2C2027%2C3017%2C159%2C2026%2C214%2C3016%2C117%2C337%2C338%2C97%2C99%2C77%2C56%2C59%2C3012%2C141%2C222%2C201%2C3007%2C246%2C4%2C126%2C203%2C226%2C10000%2C80%2C108%2C229%2C9%2C109%2C307%2C82&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157163/4986/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ef665350f1f5c87587348157e4a16122de38b01eed69df6f110482ff3ed4fdeb
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://revistaquem.globo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=121681
content-encoding
gzip
content-length
8225
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:37 GMT
expires
Fri, 15 Apr 2022 11:39:38 GMT
server
Apache
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync
ib.adnxs.com/ Frame 9EB0 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:37 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
43f1cc69-0d13-4e40-bad4-9f74b4a49b34
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 9F02 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=81758
content-encoding
gzip
content-length
13941
content-type
text/html; charset=UTF-8
date
Thu, 14 Apr 2022 01:51:37 GMT
etag
"1302647-96a7-5da3b2ade946f"
expires
Fri, 15 Apr 2022 00:34:15 GMT
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1145 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=http%3A%2F%2Frevistaquem.globo.com%2F&schain=1.0,1!vidoomy.com,59871,1,1649901093435,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 01:51:37 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 05:35:40 GMT
server
Apache/2.2.15 (CentOS)
etag
"1302647-96a7-5da3b2ade946f"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=81758
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13941
expires
Fri, 15 Apr 2022 00:34:15 GMT
usync.js
eus.rubiconproject.com/ Frame 70AB 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
92db40d16cb8ca6e243d000bc0a2f249aeb503b3109c6ea0d5892f531204c078

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Thu, 14 Apr 2022 01:51:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42062
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9542
Expires
Thu, 14 Apr 2022 13:32:39 GMT
tap.php
pixel.rubiconproject.com/ Frame 5BFF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Yld_IAABzu1TdQAZ
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Yld_IAABzu1TdQAZ
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:37 GMT
via
1.1 varnish
server
Varnish
x-timer
S1649901098.772772,VS0,VE0
x-served-by
cache-hhn4028-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=Yld_IAABzu1TdQAZ
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 5BFF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=5532520119658720114
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=5532520119658720114
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:37 GMT
server
nginx
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=5532520119658720114
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
cm
p.rfihub.com/ Frame 5BFF 		0
0
pixelSync
pixel-a.sitescout.com/dmp/ Frame 5BFF 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-a.sitescout.com/dmp/pixelSync?nid=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:37 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
sn.ashx
rbp.mxptint.net/ Frame 5BFF 		0
0
tap.php
pixel.rubiconproject.com/ Frame 5BFF
Redirect Chain
  • https://gu.dyntrk.com/adx/rbcn/us.php?dynk=r1b32c0n
  • https://gu.dyntrk.com/adx/rbcn/us.php?dynk=r1b32c0n&prevuid=&knw=
  • https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=&expires=365&gdpr=1&gdpr_consent=
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=&expires=365&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

date
Thu, 14 Apr 2022 01:51:37 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://pixel.rubiconproject.com/tap.php?v=333994&nid=4804&put=&expires=365&gdpr=1&gdpr_consent=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
genericusersync.ashx
sync.tidaltv.com/ Frame 5BFF 		0
0
info
uipglob.semasio.net/magnite/1/ Frame 5BFF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=10362
  • https://uipglob.semasio.net/magnite/1/info?sType=sync&sExtCookieId=L1YCI8FD-1G-5SWN&sInitiator=external
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/magnite/1/info?sType=sync&sExtCookieId=L1YCI8FD-1G-5SWN&sInitiator=external
Protocol
HTTP/1.1
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Apr 2022 01:51:37 GMT
frontend-id
12
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Location
https://uipglob.semasio.net/magnite/1/info?sType=sync&sExtCookieId=L1YCI8FD-1G-5SWN&sInitiator=external
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
async_usersync
ib.adnxs.com/ Frame B597 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Apr 2022 01:51:37 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f768b0fb-f1ff-4abb-9f18-c79e65c1e580
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
r.nexac.com
URL
https://r.nexac.com/e/getdata.xgi?dt=br&pkey=gpwn29rvapq62&ru=https://beacon.krxd.net/data.gif?_kuid%3DOxuwUuDm%26_kdpid%3D2dd640a6-6ebd-4d4f-af30-af8baa441a0d%26dlxid%3D%3Cna_id%3E%26dlxdata%3D%3Cna_da%3E
Domain
r.nexac.com
URL
https://r.nexac.com/e/getdata.xgi?dt=br&pkey=gpwn29rvapq62&ru=https://beacon.krxd.net/data.gif?_kuid%3DOxuwUuDm%26_kdpid%3D2dd640a6-6ebd-4d4f-af30-af8baa441a0d%26dlxid%3D%3Cna_id%3E%26dlxdata%3D%3Cna_da%3E
Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:18576257-7e1d-4600-b186-4b87cea796dd&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5532520119658720114
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=f05f460c-7c71-4add-85b4-6d93ed1e951a
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7086271214606547085
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yld_IAABzu1TdQAZ&gdpr=0&gdpr_consent=&_test=Yld_IAABzu1TdQAZ
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pQHog5hZRXJyywhxFGiggdlAl0Q
Domain
aud.pubmatic.com
URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=233BC567-1CD6-42D4-AD85-BB3FEEAB3F34&addseg=19,36,42
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ae2436b0-25be-4e8b-b9da-ccf85b963cc3&gdpr=&gdpr_consent=&gdpr_pd=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7896357961865025998&gdpr=0&gdpr_consent=&us_privacy=
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
revistaquem.globo.com
URL
https://revistaquem.globo.com/OneSignalSDKWorker.js
Domain
docker.creative-serving.com
URL
https://docker.creative-serving.com/cm?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDYmdGw9MjAxNjA=&piggybackCookie=${UUID}
Domain
match.bnmla.com
URL
https://match.bnmla.com/usersync?dspid=6&uuid=A3BDC2EA93AF4364963906C238B29D73
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent=
Domain
revistaquem.globo.com
URL
https://revistaquem.globo.com/OneSignalSDKWorker.js?appId=58b810d3-12bc-4b9d-9b95-0c26ba88404c?sdkVersion=151513
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?in=1&pub=64
Domain
rbp.mxptint.net
URL
https://rbp.mxptint.net/sn.ashx
Domain
sync.tidaltv.com
URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=rubicon

Verdicts & Comments Add Verdict or Comment

523 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| _taboola object| glb object| clientVars object| dataLayer function| fbq function| _fbq string| tipoConteudoPiano string| ambienteUtilizadoPiano boolean| conteudoExclusivo string| nomeProdutoPiano function| downFunction function| detectaAdBlock string| advEnv object| utag_data boolean| utag_condload boolean| inQa boolean| isMultiContent boolean| isElectionPage boolean| isVotePage boolean| alreadyRolledOut boolean| isMultiContentRedeGlobo boolean| shouldAppendJs string| profilingJs number| nvgId boolean| nvgAsync object| nvg object| s string| currentUrl string| adunit_produto object| produtos_novos object| pbjs object| scriptPreBid object| tag object| prebidData number| FAILSAFE_TIMEOUT number| FAILSAFE_TIMEOUT_LAZY object| headerBiddingSlotsCalled object| desktop_positions_list object| desktop_positions_list_homes undefined| mobile_positions_list object| mobile_positions_list_full object| mobile_positions_list_homes undefined| ad_positions_full object| tentativasBLL object| userStorage undefined| adunit_autoesporte undefined| url_limpa undefined| adunit undefined| adunit_umsoplaneta undefined| fLen undefined| text undefined| dtpub object| headerBiddingSlots object| utag function| getJs function| printarPublicidade function| callAdServer function| callPrebid function| whenAvailableCookie function| cadunUserData function| callAdserverLazy function| callPrebidLazy function| printarOutstream function| printarPublicidadesMateria function| printarPublicidadesScroll function| advertisingGlobalLoader function| advertisingGlobalRefresh boolean| __tealium_twc_switch function| Krux string| ga_editoria object| googletag object| _newsroom object| LGPD object| horizonResources function| turnIntoArchorLink string| pageTemplate function| handleRefreshSpecialContent function| insertAfter function| OneSignal function| _createClass function| _classCallCheck function| NewslistFamous undefined| newslistFamous string| workerPath function| isMobile number| __oneSignalSdkLoadCount number| newsroomStartsLoadingTime object| tbNewsroom object| commonSignals function| commonTracker function| sendCommonHit object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore object| nvg13574 function| nvgGetSegment function| ltgc string| prmstr object| prmarr object| tmparr object| nvg_hosts object| naveggReady object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| BlockAdBlock object| blockAdBlock object| preloadImages string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| GlobalIvcNamespace function| ivc boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand undefined| _pm_ecd undefined| _tb_vpx undefined| _tb_vpmd boolean| _tb_vautop function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter function| udm_ object| ns_p object| COMSCORE object| nvg46169 function| _defineProperties function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl undefined| google_measure_js_timing object| gaplugins function| comScore object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| dmp object| cq object| tv4 object| Snowplow object| _pmk function| TBWidgetFacebook function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| hh object| _pm_mcg function| _typeof function| _possibleConstructorReturn function| _assertThisInitialized function| _getPrototypeOf function| _inherits function| _setPrototypeOf object| loadTimes function| convertRecAb object| regeneratorRuntime object| $jscomp function| __extends object| Horizon object| glb_realtime_map object| pvm object| gaGlobal object| gaData object| webpackJsonp boolean| hasPaywall object| tp object| PaywallAnalytics object| tinyCpnt object| Piano function| utils function| ADVTools function| PolyfillIntersectionObserver object| ADVERTISING_STATUS string| ADVERTISING_STATUS_ATTRIBUTE function| Advertising function| init function| binding function| bindSubscribe function| isExclusiveContent function| getTimeToCallAdv function| hasAdvertising function| updateRecommendation function| stripRecommendation function| createObserver undefined| myURL function| Gallery function| ImageLazyLoad function| Header object| headerEl object| header undefined| deferredPrompt function| hideToast function| showToast function| createMarkup function| createToast function| registerSW function| Menu object| menu function| checkSearch object| btn string| url string| wattURL object| newsTitle object| newsSummary string| titleContent string| summaryContent object| source string| srcContent string| navigatorUserAgent function| proxySocialShare function| setHref object| pint object| ogImgElement string| ogimg function| ruleForWhatsSharePage function| NOOP function| Dialog function| copyURL function| OfflineNotification function| _toConsumableArray function| NewsReserve function| NewsList object| newslist function| Fullbanner function| Iframe function| GloboVideo function| Cookie function| _slicedToArray function| NewsletterRegister function| NewsletterAnimalLife function| NewsletterRegisterMultiple function| Newsletter function| Subscribe function| Globomais function| BannerPiano function| progressBar function| MostRead function| AdvertsingFixed object| adFixed function| SpecialBoxContent function| SecondarySpecialList function| SecondarySpecialListBottom string| PINTEREST_TARGET_URL string| PINTEREST_SOURCE_URL function| PinterestView function| PinterestModel function| Pinterest function| ShowEditLinkBoxAction function| HideEditLinkBoxAction function| EditLabelLink function| NewsListMultiple undefined| newslistMultiple function| _typeof2 object| POLYFILL boolean| advertisingReady function| Glide boolean| blockHeaderScroll string| nomeArquivo string| nvg_i function| JsonpService function| Util function| CacheService object| Cadun function| EventService object| GloboIDSDK object| _cdn object| advSlotList string| keyvalue_pos object| SWG object| swgEntitlements function| pbjsChunk object| _pbjsGlobals object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| Criteo boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion function| ___tp object| ampInaboxIframes object| ampInaboxPendingMessages number| taboola_view_id object| PianoESPConfig object| placementData string| glbid string| nam function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles object| cmTag object| lkqd object| _cm_wfCounters string| lastWfUrl function| webpackHotUpdate function| startCMTagMain number| lnt_z string| category function| shuffle object| arrToUse object| travel object| news object| mobilecontent1 object| mobilecontent1_new object| travelmuted object| movietrailersHD object| movietrailersHDmuted object| widescreen object| movietrailerslight object| landscapeHD object| landscapeHDmuted object| blank object| blankblack object| blankblack7 object| blankblack5 object| blankblack_mob object| blankwhiteHDmpg object| blankblack10 object| blankwhite object| blankwhiteHD object| black_loader object| lightweight object| lightweight_single object| lightweight300600 object| bonnier object| home object| lipstick object| shoes object| art object| infiltrator object| glass object| lemurs object| NBAshoes object| Sunglasses object| Hummus object| Short_food object| Short_swim object| Euro_news object| Automoto_TV object| Uzoo object| SmartDuvet object| Tiger object| Chocolate object| Logan object| Jacket object| Bike object| Kanye object| Cancun object| Smartwatch object| Helicopter object| dogshampoo object| icetea object| charger object| blueysmoothie object| ShortContent object| carbsandwich object| pisatower object| Food1 object| Food2 object| Food3 object| Food4 object| Food5 object| Food6 object| Food7 object| Fashion object| Lifestyle1 object| Lifestyle2 object| Technology1 object| Technology2 object| Technology3 object| Entertainment object| Scrambledeggs object| Spinach object| Bub1 object| Pokemon object| style_hacks object| Motorcycle object| IceCracking object| Manatees object| Daiving object| Fishing_Lure object| Shark object| HundredsManatees object| TigerShark object| MandelaPrize object| Bertram35 object| bushfire object| Snow object| Delta object| Wheels object| Yellowfin object| Grip object| Kawasaki object| Yoga object| Cat object| Chickens object| RZR object| bitcoin object| bmw object| wombat object| koala object| Marsupial object| puppy object| bitcoinMuted object| bmwMuted object| Wallabies object| Bunny object| Pumpkins object| Dogs_Stress object| Dogs_Stress_image object| lightweight300600_short object| playlist string| vpaidId function| OvaMediaPlayer undefined| GLOBAL_VAR undefined| ct undefined| et undefined| hourElapsed undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| Moat#PML#26#1.2 boolean| Moat#EVA object| DOMlessLLDcallback_56834929 object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| GoogleGcLKhOms object| tbopt object| google_image_requests

152 Cookies

Domain/Path Name / Value
.globo.com/ Name: utag_main
Value: v_id:018025c49e550005884bd3ef8a7a03073001e06b00b08$_sn:1$_ss:1$_st:1649902884246$ses_id:1649901084246%3Bexp-session$_pn:1%3Bexp-session
.globo.com/ Name: cookie-banner-consent-accepted
Value: false
.globo.com/ Name: _fbp
Value: fb.1.1649901084815.1599294466
.facebook.com/ Name: fr
Value: 0u0JILalsH9Vb0Qru..BiV34b...1.0.BiV34b.
.scorecardresearch.com/ Name: UID
Value: 1229a031b7278edfca61dc31649901083
.navdmp.com/ Name: nid
Value: 108da546399b775d010a28e86210|0|133
revistaquem.globo.com/ Name: _gada_ses.7e1a
Value: *
revistaquem.globo.com/ Name: _gada_id.7e1a
Value: db370b26-2fde-4076-829f-b6c49b48be25.1649901085.1.1649901085.1649901085.625b9f8e-b269-4150-9a5d-42e49bc58a94
.globo.com/ Name: nav13574
Value: 108da55acaf4eb020e8a3c074b10|2_105
revistaquem.globo.com/ Name: privAu
Value: 0
revistaquem.globo.com/ Name: _tb_sess_r
Value:
.globo.com/ Name: nav46169
Value: 108da546392a2c36d93faa665910|2_105
.krxd.net/ Name: _kuid_
Value: OxuwUuDm
.globo.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.globo.com/ Name: _ga
Value: GA1.2.416071499.1649901085
.globo.com/ Name: _gid
Value: GA1.2.585604907.1649901085
.globo.com/ Name: _dc_gtm_UA-6883270-1
Value: 1
.globo.com/ Name: randomCookieForPiano
Value: cookieB
revistaquem.globo.com/ Name: _egquem_userVisits
Value: 1
.globo.com/ Name: _hjSessionUser_849637
Value: eyJpZCI6IjJhMzNmMjM2LWVhNzktNTAxYy04Yjc2LWI5ZWUwMjkzZmQ0OCIsImNyZWF0ZWQiOjE2NDk5MDEwODUyNTcsImV4aXN0aW5nIjpmYWxzZX0=
.globo.com/ Name: _hjFirstSeen
Value: 1
revistaquem.globo.com/ Name: _hjIncludedInSessionSample
Value: 1
.globo.com/ Name: _hjSession_849637
Value: eyJpZCI6ImE3MTlhZjE1LTg2NDQtNDg4Yy1iYTU0LTdjNTI0NDU5YjZmMiIsImNyZWF0ZWQiOjE2NDk5MDEwODU1OTAsImluU2FtcGxlIjp0cnVlfQ==
.globo.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.adnxs.com/ Name: uuid2
Value: 7704152931637928568
.rlcdn.com/ Name: pxrc
Value: CAA=
.criteo.com/ Name: uid
Value: 94b70f73-43b2-4625-8d90-3a9f3b759536
.demdex.net/ Name: demdex
Value: 36295262786344900703919546269068142132
revistaquem.globo.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.globo.com/ Name: pbjs_sharedId
Value: 2730c50e-ce61-4ce6-b4b3-94290a0fbd41
.dpm.demdex.net/ Name: dpm
Value: 36295262786344900703919546269068142132
.rubiconproject.com/ Name: khaos
Value: L1YCI8FD-1G-5SWN
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qo12QsdhOd8u2WQ0NNjmqbPd94gXYLevqIcPxm3GZEWzBYL5oQJzp71rcLM6jPTu1VkU0ooWx+lyXKY++jymV4/P0BDC4f586O/pmrl6hR8hw==
revistaquem.globo.com/ Name: __adblocker
Value: false
.doubleclick.net/ Name: IDE
Value: AHWqTUlL0AYcTmXgb-W7jeWcWoOeRtUCSwo7HtjHkvbwhBZy_imShbNM6MrG9iv5R_w
.globo.com/ Name: __gads
Value: ID=ccf5a7e86be6a5c5:T=1649901084:S=ALNI_MbDibqhOu1gtgLEcbsoKSnqy7wTdQ
.piano.io/ Name: __cf_bm
Value: q934eO6DmR.zhw4SYvizcALctjprdc25lffR6uVyVXE-1649901084-0-ASrFwBq67FZ3mhMar12C+NNHRvzHCQ5xGQ3l7ztt6ZhxR1Gl47h36axUyyfUoB/e6/z1bq9LeTEvs+dX4RypmtE=
.globo.com/ Name: __tbc
Value: %7Bkpex%7DuesQDzWcps6uk75QuW-1-i-poDnEZZ6YhkHPffDmRv_MVKWvSoA6xeS4iu_FXaRmgYBIjMTw7DlLH_CRyPwIqyj-Dl3VOzZHPxS_wzNOY3s
.globo.com/ Name: __pat
Value: -10800000
.globo.com/ Name: __pvi
Value: %7B%22id%22%3A%22v-2022-04-14-01-51-25-913-jukYwU9f2ygBTK5W-5a3d23d92531383c2b3c5921400f9e85%22%2C%22domain%22%3A%22.globo.com%22%2C%22time%22%3A1649901086173%7D
.globo.com/ Name: xbc
Value: %7Bkpex%7D9a5g9DX0xaRaLkRE1_TtY04IwDtGagclvaVgR_Fe6eXqZhVO8GSePj92Bofjb_Zw8F8lJ8Vjc906dfrm7VsZmIwDPCY74MGIJS6VYmpPsG0xrOt_d7WPvWD6cCDTH9nSdSURqZehym-taCgce4cxpUdP-Pr03yfITLOw1w0WOPd_okbhHeBVDihrZDqhEOTd-OPxtRj08J2d7Tkab9NZKuE6HRjQnafgHHehcqMtziqTKnupbUl4afhUUib1HlT8CcSL49PFreWsqGaQV-UNBz-4axf956mtBxKaRqrHUxKtOUAIwUm6U1dk6ewXanhx_Vgpl0EalWAlsfdC241N4LhgSf8SrPr03H8q8cexLBU8YtlRgvEC-xFaGfrLddHi
.globo.com/ Name: kppid
Value: 1031689782149728999
.globo.com/ Name: hsid
Value: cd69b1f5-1e00-499a-8813-7d9f5612af07
revistaquem.globo.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D12bd2ec2-7571-46a2-9c06-a8286215fc2b-tuct951039b
.yahoo.com/ Name: A3
Value: d=AQABBBx-V2ICEFQ4R-ny6Mtl22YlWyBZVTMFEgEBAQHPWGJhYgAAAAAA_eMAAA&S=AQAAAuyDX4hIHkX6BuZyRF-qUWU
ads.stickyadstv.com/ Name: UID
Value: fb34cb2417d25acb7244d935c25498b5
ads.stickyadstv.com/ Name: sessionId
Value: 517e8698a7d2de1d6f7b6f8415353ae0
.bidswitch.net/ Name: tuuid
Value: ae2436b0-25be-4e8b-b9da-ccf85b963cc3
.bidswitch.net/ Name: c
Value: 1649901084
.bidswitch.net/ Name: tuuid_lu
Value: 1649901085
.globo.com/ Name: _pubcid
Value: e1fd06f0-a2a0-464f-8b17-bd531ea6dab2
.rlcdn.com/ Name: rlas3
Value: jOnMgWBVZITGEIfV5sOjiXtXsnuZ2JiB19AxT+ER7ko=
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.globo.com/ Name: smDataLocalStorageCart
Value: {}
.globo.com/ Name: smDataCookieCart
Value: {}
prebid.a-mo.net/ Name: __amc
Value: 1_1649901085_1649901085
.globo.com/ Name: glb_uid
Value: "zcbDTrH7jhL-8lShJI2miTKmqEwJ3jeDEjmStHULOsk="
.turn.com/ Name: uid
Value: 7896357961865025998
revistaquem.globo.com/ Name: cto_bidid
Value: 5jLGxV9JcGVTRnl2bEp5R2F2U0x0dXBVSnp2WFhtJTJGTk9kU0huc0FqMkR0RCUyRmYwem1zV3dMWWZlbzZPWHRYVmZQeHZOV1IxWjB5NFNQR0FDY2dwZ3NlSnk2cWElMkY0b1I1a2VOdWElMkJzYkhZNGVaJTJCOVUlM0Q
revistaquem.globo.com/ Name: cto_bundle
Value: g2eEA19CSU8zZElGOXlaRXkzSWFOR25XajFmZzA4RzlnRThpMWZEaFdsMjdZZ0RaT1V2VURNaEEzZ1QlMkJuQWxzelVNa0VTc1hIQlVJMFVReEZCOUhlR0dtS3BqdjFZcjNXTFpQelF2YXZQd2ExVDdiMzloUzVKZWViNk5MYzFKNEl3M0gzTFlheVZIU1c4TlNmMWF1T1g4NTdTZyUzRCUzRA
.mathtag.com/ Name: uuid
Value: 18576257-7e1d-4600-b186-4b87cea796dd
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6ImFlMjQzNmIwLTI1YmUtNGU4Yi1iOWRhLWNjZjg1Yjk2M2NjMyIsImV4cGlyZXMiOjE2NTI0OTMwODV9LCJZQUgiOnsidWlkIjoieS1Ia1FNOTZwRTJ1RWIyQ1AydjJFQkxOVm9RUk9OWEJ3MVg4UXVTV1ktfkEiLCJleHBpcmVzIjoxNjUyNDkzMDg1fX19
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-a501e883-9859-4572-72cb-08711468a081.BugJo51xVLUQASlw0FgnWSa9d5EG5%2BxzcNYjchHYQGk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ApQHog5hZRXJyywhxFGiggdlAl0Q.wfP1YLcGafBITo%2BALru549XsccwS23PqsOa68GM23eY
.spotxchange.com/ Name: audience
Value: 64f7e13e-bb95-11ec-9ac0-1189f5600506
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&b8780150-89aa-44a3-848d-9b92fdf30b67"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDk5MDEwODc7MjswMjEtL+aThwY2QDbmIeOz6B+nj+H3tCMyYleh9gZNz1jbsw==
.linkedin.com/ Name: lidc
Value: "b=VGST00:s=V:r=V:a=V:p=V:g=2678:u=1:x=1:i=1649901087:t=1649987487:v=2:sig=AQFKcFqseSVSKxMwBnuUxsi2I5folMXi"
.doubleclick.net/ Name: DSID
Value: NO_DATA
.fwmrm.net/ Name: _uid
Value: "l04bc_7086271210300826826"
ads.stickyadstv.com/ Name: uid-bp-30833
Value: 1
ads.stickyadstv.com/ Name: uid-bp-36033
Value: l04bc_7086271210300826826
ads.stickyadstv.com/ Name: MRM_UID
Value: l04bc_7086271210300826826
.adsrvr.org/ Name: TDID
Value: f05f460c-7c71-4add-85b4-6d93ed1e951a
ads.stickyadstv.com/ Name: uid-bp-892
Value: f05f460c-7c71-4add-85b4-6d93ed1e951a
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEIHeP4G9b2LIlWyZfkN2b-I
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 233BC567-1CD6-42D4-AD85-BB3FEEAB3F34
.onaudience.com/ Name: cookie
Value: 0a9d84ad0678b7d0
.onaudience.com/ Name: done_redirects147
Value: 1
.quantserve.com/ Name: d
Value: EJYBCwHzJfijAA
.quantserve.com/ Name: mc
Value: 62577e20-4d37d-aa0d1-45727
.adform.net/ Name: C
Value: 1
.simpli.fi/ Name: suid
Value: A3BDC2EA93AF4364963906C238B29D73
.bidr.io/ Name: bito
Value: AAGF807ErvwAADYzwFHJ6A
.bidr.io/ Name: bitoIsSecure
Value: ok
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwiYpNiu6vDOOhAFGAEgASgCMgsI1oWD3IDxzjoQBTgBWgd4a3N3OWxhYAI.
.de17a.com/ Name: guid2
Value: 1.1930816772207440750
.adform.net/ Name: uid
Value: 5532520119658720114
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7704152931637928568&KRTB&23339-7704152931637928568
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-gDwnwIFrIMebOnbEgWo_ltc-dsabOifAhDlvimPL&KRTB&19420-gDwnwIFrIMebOnbEgWo_ltc-dsabOifAhDlvimPL&KRTB&22979-gDwnwIFrIMebOnbEgWo_ltc-dsabOifAhDlvimPL
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESECdud4czLbAMfH9PpG3WhCc&KRTB&16514-CAESECdud4czLbAMfH9PpG3WhCc&KRTB&23025-CAESECdud4czLbAMfH9PpG3WhCc
.onaudience.com/ Name: done_redirects219
Value: 1
ads.stickyadstv.com/ Name: uid-bp-26913
Value: AAGF807ErvwAADYzwFHJ6A
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-1930816772207440750
ads.stickyadstv.com/ Name: uid-bp-717
Value: y-Pgjvf3VE2oObjA2uh.vd68ZR0oXyxvU_cDJHcUOb~A
.zeotap.com/ Name: zc
Value: 7106cd9a-55e4-49e9-658d-7d6185393dbc
.zeotap.com/ Name: zsc
Value: %E0%95%DB%DF%8C%EF%A1%A0%5E%CC%23%97%BFb2%3B%2C%22%FAd%C0%B7%D7%15%E5M%C4%F0t%A2%FA%A5%DE%C7%09u%82%83%B2%A1%A2%FE%83H%C5%1D%0Fz%8Fo%AE%1013%08%9B%CB%15t%1Cs%0C%8A%7BdV%E9m%FA%ED%11%B3%03jD%27%92%9F%92%00%C5%1El
.w55c.net/ Name: wfivefivec
Value: N1yNz4lE1NEODS5
.w55c.net/ Name: matchfreewheel
Value: 5
ads.stickyadstv.com/ Name: uid-bp-23329
Value: N1yNz4lE1NEODS5
.pubmatic.com/ Name: pp
Value: 156498
.pubmatic.com/ Name: PMDTSHR
Value: cat:
.analytics.yahoo.com/ Name: IDSYNC
Value: "1982~24bd:195y~24bd:18z8~24bd"
.pubmatic.com/ Name: SPugT
Value: 1649901088
.adfarm1.adition.com/ Name: UserID1
Value: 7086271214606547085
.fiftyt.com/ Name: fifid
Value: 6fac4aeb-1e0c-4bcf-5e3c-ea107487223b
.fiftyt.com/ Name: cs
Value: MTY0OTkwMTA4OHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fI28vL4ag78cpkuEClPXkM-3JN7CG2nSKW4kpMieCWRG
.fiftyt.com/ Name: fppm
Value: 20220414015128
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yld_IAABzu1TdQAZ
.semasio.net/ Name: SEUNCY
Value: CF7AA4015320BCF3
.adhigh.net/ Name: gi_u
Value: ummzOeRHQ8b.AikABlGAJcSwgQ
.adhigh.net/ Name: bsw_sync
Value: jkh
.audrte.com/ Name: arcki2_pubmatic
Value: 233BC567-1CD6-42D4-AD85-BB3FEEAB3F34!20210804!1649901089073
.audrte.com/ Name: arcki2_TTT
Value: 1649901089074!1ahoQVMeEFsTxis9HJdSofxEg!H4sIAAAAAAAAACWWWY5EIQhFF+O3CYIDLkdR97+EPq/6o9OViqVwuQPSr9pZkY/eme3tlaeWlfe0OM2OvrLTHGc2rZpHuT3XuTTPNSTbrPtEXD93JJFir+vOcmXnWtrLvqrk6BFDt/U1XyqvatPDJYuX6u4zu3Ld7nvq9V5HmUlqLaNay7zash0++Zw3z1bbfGvXM2daHmd783yF6rmp5e29ZxVtXrhHrCc99qLGyK8Fb9bJTRqSh9c+XEpXiaS3hc/QHJdy6r7cVJw+fG4/7d39WupmW8L5qcwKBHfn3TjpMcT2GTGPpx793e43V5k8p7Xl1R7Hn7YSRWSvmvq9ByxHbj5Prm17nnFGdjO5+8qRHakWv24ncp/jZrvy8hTA3K9HqVuLVU0VRLetlm/4y3XUBwRj5ncHM7hha3taT8su63yXFGo6O8/emHfULm9Fe3RX63myrWYf4FDrizwv1/W2m64b2hkLDQzzEvm9MAYsdG9U/4qUU5pJGTuNcYctajpr/hCHKrIke+fM6rMAb7p6Yg3Qs24U9pFm9QFYT15oDDtnpTuLQL+a16KwOriTuUpeQjebFt1nmnsdM8Y6PICgPMv7NPhkckxHHxqemrcaxSvfmsMn51A5NYu+07c2YbZpFVUpj5rfgwXaD4V7gzlFelt7d1lJn0/mVxlLwHHdkf3FhZ51D+4VQwgblSzfM8suH1WY4mweuSG0M0dvfb101sdNaurWI1sE1SlTjr0kzhVpo6fo25cOwEZDuR4FzMHF9516q9uT6umiUt6H+fbg02UsGx3xCWqWYcVUklXr7UnPAb7fTQcwNkSdXf3O9ay8BKDWtn5F2MrW7ssgPfM58LfKs1tn0tHeXK1mQ8LI2HpetmZuXYeWftEXY/E6Rz0HSX0c7yh4Wr95AFNs2fUZYDaG+OFsvY+PKhjGEXDo0n2rmg1LNnYgO0hZ7leufQNGEq2udTezsFrxgvuu1IXXFA7hAxnUNUNJtND30c6A3Vco3fXpn2FshVnyMe/JWbV+ck/T8IhutIP0IV1x+PY8a2+t0b+2WHhBqfHwgrkYYIVDsKDhZB3IYMtAJKmNe5lAyTqEmxwWLP2qn2dSidfR8MzbxhpQ8c0xPgXbd2hyiH+7aLd1k88HyX5g0hjWqNlxSBQWH+ukRWvpSFxto+ZyFJkLhU1AyWtGvHcwnq877Wqt9Cx8wyFdDBg+jIdCrt/esR4qOxBTM3p936FCOViHLzzMQsaMkkz2HkuZ6Csccj5NZ5S9ctFbVQtjmW7tlbayfm/WwDVclmWzN5phyQoL5Fa4XlouE3rXO3C6Ava72m0NkmMK6QRUL0B4BAXXgdZXD7y/lRuxysCSEoQt8TomGdCzGm/6tY+jBxfdMgUFn3qwIsr1dwoc9wWYHdKdi41sB2pJ1d8DfuO5JzyHu25h3gy0xavAROEVM+gfMAM14gU/SZWBz+4LfOG8lHRBliWex5zcFNM+HKGXH6tPYt/YyVXnNoSCsOhuFcD2SWHB/PvqHSdLxXF7Vc+tKWBuENsfmOtesQMp5jnJIUHBJWEmJ20u3HPsnveYewzEGdYSTU6YbxQ+y8fx+blKQxcQs4fNuU7i0V4/hbd1KLyUr5yjWTEhOZ3A84axCp5FIlSvPDeiICne/CJzY/SzvJluGY4I+ZZIyKZ7f2mOY7/H2OmoN6WmW9Z6A0+uHBLSfh8Kb6uRBmMU1ol0F97x6fqzGpKzoOB50dVd2vGAwMkThlVIdXD096UUiKL3yJ/J3f2la2kIoYk42cXfR5X2K5w3ZbrOPsqukgqpXAJJihUgcBaW9VgzzNE38braETxzR5/dUSOhyUiJ18dYvC0kjBMcDnG2r+Oa2wRnMoKgbUHAvPHIVHR2ejrzSn8DmRcWIrvK7NAYCrXoTBWCPZasFROrzLO+8vGJm0hxjG+TkEGyX08MUcAZ+s5v62HfYuuBw6T9OIp0xSI9xskOR3fxheJELbsffJo17rAZocGG9QxZ+718zxdAmCnbIXsi9Bwg3zEoT+wR6z66q5jCt2HgvvohDvYasG31S3fGosE2sLDZj3Sk+b4U/q6TKL3CqNQZmX/Z0zXaF3o43UMyQHwLznKGvsQeBBHR7f74UgWL9Y/DBZs/bIfSD5JadanWnYOYJV5Z7DamQ2GQurNBHYx1Ei0E+WJj/fJyd14yLPZK8OvL0tNWmpNhf1TRzSO/FZJ1GA6+aqLwlqLTbhsTqedbUd+HuPxLCilhwsvssoyuCDySCCCF4HhlU5sHi27tfiZezWAmNAx+xZ5J1JAtKHCdqz/Hrg+HOrUkLS3kNIS0Kaz2j74kEt6/lZHLek2o6YEYh37WUsfGxJBDhresB/gsoZ+aFQbORjxbfN25gxPZYri8Qo9yn/wBSgnQVCMMAAA=
.audrte.com/ Name: arcki2
Value: 1ahoQVMeEFsTxis9HJdSofxEg!20210804!1649901089184
.globo.com/ Name: cto_bundle
Value: N8xES19CSU8zZElGOXlaRXkzSWFOR25XajFlMkFOSEdvWWFUbzRMWUtiNk54aXIyRU92SSUyRmd1JTJGRXlDY2pET3o4c0VjSmFFR05aUzZnRHZXQ1VNU3Z2U3V6cVNrRjNqM3hwa1RIeG1GbCUyRm9nVEVBSkl4YVFPazU0c2NvQVE2M3hZaXk2cmN6VyUyQmZKbmxPdGVod3V4JTJCMllYZmlnJTNEJTNE
.revistaquem.globo.com/ Name: cto_bundle
Value: N8xES19CSU8zZElGOXlaRXkzSWFOR25XajFlMkFOSEdvWWFUbzRMWUtiNk54aXIyRU92SSUyRmd1JTJGRXlDY2pET3o4c0VjSmFFR05aUzZnRHZXQ1VNU3Z2U3V6cVNrRjNqM3hwa1RIeG1GbCUyRm9nVEVBSkl4YVFPazU0c2NvQVE2M3hZaXk2cmN6VyUyQmZKbmxPdGVod3V4JTJCMllYZmlnJTNEJTNE
.pubmatic.com/ Name: DPSync3
Value: 1651104000%3A245_227_235_221_226_241_197_219_201%7C1649980800%3A174
ads.playground.xyz/ Name: connect.sid
Value: s%3ASoLrJSf26F6BLQ764cIBqJR49X46zosP.d%2FzDjzUlmZMXV2tDtAHWpGsjxlxGd5JiZLiaXNr8ChM
.weborama.fr/ Name: AFFICHE_W
Value: ys7h1lydYnTK53
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-39puKE4JagRQSWgQaUTShTQa
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: c29fbe2cb0b750ff
.tribalfusion.com/ Name: ANON_ID
Value: adnseFuyTYFBErv6YboiLZddn3fUyvUJnlNIEZbj1EloC9hLP3j92oTZaZb3KV2ByOgoVDaJnHV7nbyiAJT62ZaO3
.pubmatic.com/ Name: SyncRTB3
Value: 1651104000%3A13_220_104_166_55_22_244_189_99_165_161_54_5_176_222_81_8_231_56_234_238_3_71_204_233_7_243_88_21_57%7C1650758400%3A63%7C1652486400%3A203%7C1651190400%3A35%7C1655078400%3A69%7C1650499200%3A15_2_223
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:N1yNz4lE1NEODS5
.pubmatic.com/ Name: PugT
Value: 1649901090
.bnmla.com/ Name: rx_sspurl_10738
Value: https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D8d892056-7fc0-4ee6-baa6-e3bcfc521ce6
.bnmla.com/ Name: rx_uuid
Value: 8d892056-7fc0-4ee6-baa6-e3bcfc521ce6
.bnmla.com/ Name: rx_maxage_10738
Value: 1651197090
.bnmla.com/ Name: rx_sspid_10738
Value: 6_170
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1649922692794
ads.stickyadstv.com/ Name: pxId
Value: 7169
.adnxs.com/ Name: icu
Value: ChgI1dN1EAoYBCAEKAQwpfzdkgY4BEAESAQKGAiem3gQChgBIAEoATCc_N2SBjgBQAFIAQoYCMPzeBAKGAEgASgBMJ383ZIGOAFAAUgBEKX83ZIGGAU.
.gumgum.com/ Name: vst
Value: e_4c91ee17-416b-4afe-83e4-92245583aca5
.3lift.com/ Name: tluid
Value: 1481605999243655540028
.advertising.com/ Name: APID
Value: UP69a69abb-bb95-11ec-bde6-063271c60a24
.casalemedia.com/ Name: CMID
Value: Yld.JZIV6dZRMR1hZNwGRQAA
.casalemedia.com/ Name: CMPS
Value: 5224
.casalemedia.com/ Name: CMPRO
Value: 1106
.casalemedia.com/ Name: CMST
Value: Yld+JWJXfiUA
.tremorhub.com/ Name: tvid
Value: 0d9bbdcda8c748a28158e96c16e6f95f
.creativecdn.com/ Name: u
Value: 8opCbLz1Th8XQmx5u6rL
.creativecdn.com/ Name: ts
Value: 1649901093
.360yield.com/ Name: tuuid
Value: f5fd84f1-fcdf-452c-9db4-460a6f60a0bf
.360yield.com/ Name: tuuid_lu
Value: 1649901094

6 Console Messages

Source Level URL
Text
network error URL: https://r.nexac.com/e/getdata.xgi?dt=br&pkey=gpwn29rvapq62&ru=https://beacon.krxd.net/data.gif?_kuid%3DOxuwUuDm%26_kdpid%3D2dd640a6-6ebd-4d4f-af30-af8baa441a0d%26dlxid%3D%3Cna_id%3E%26dlxdata%3D%3Cna_da%3E
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://horizon-track.globo.com/event/editora
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://r.nexac.com/e/getdata.xgi?dt=br&pkey=gpwn29rvapq62&ru=https://beacon.krxd.net/data.gif?_kuid%3DOxuwUuDm%26_kdpid%3D2dd640a6-6ebd-4d4f-af30-af8baa441a0d%26dlxid%3D%3Cna_id%3E%26dlxdata%3D%3Cna_da%3E
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://horizon-track.globo.com/event/editora
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
1f2e7.v.fwmrm.net
29f33738099d8a2ba9033c0012e3fcbd.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
a.vidoomy.com
aax-eu.amazon-adsystem.com
aca576afd1bf443543c13a542593589f.safeframe.googlesyndication.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.lkqd.net
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.rubiconproject.com
ads.stickyadstv.com
ads.vidoomy.com
ads.yahoo.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
aktrack.pubmatic.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ampcid.google.com
ampcid.google.de
ap.lijit.com
api.rlcdn.com
aud.pubmatic.com
b1sync.zemanta.com
barra.globo.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
buy.tinypass.com
c.amazon-adsystem.com
c1.adform.net
c2.piano.io
c2.taboola.com
c2shb.pubgw.yahoo.com
cd.navdmp.com
cdn.adnxs.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.krxd.net
cdn.navdmp.com
cdn.onesignal.com
cdn.stickyadstv.com
cdn.taboola.com
cdn.tinypass.com
cds.taboola.com
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cocoon.globo.com
connect.facebook.net
consumer.krxd.net
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs.emxdgt.com
cs.lkqd.net
csync.loopme.me
d5p.de17a.com
docker.creative-serving.com
dpm.demdex.net
eb2.3lift.com
eus.rubiconproject.com
experience.tinypass.com
f269a83e8b4605864766c6a3902e8c78.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fec9fe8de1b879341a5e33774e1c28ef.safeframe.googlesyndication.com
fra1-ib.adnxs.com
gadasource.storage.googleapis.com
geo.moatads.com
googleads.g.doubleclick.net
green.erne.co
gu.dyntrk.com
gum.criteo.com
hbopenbid.pubmatic.com
horizon-schemas.globo.com
horizon-track.globo.com
horizon.globo.com
i.w55c.net
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
impr.taboola.com
imprammp.taboola.com
ivccf.ivcbrasil.org.br
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
mug.criteo.com
mwzeom.zeotap.com
nr-events.taboola.com
onesignal.com
p.rfihub.com
pagead2.googlesyndication.com
pbs.publishers.tremorhub.com
pips.taboola.com
pixel-a.sitescout.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-a.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
r.nexac.com
rbp.mxptint.net
revistaquem.globo.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
s.amazon-adsystem.com
s.glbimg.com
s.seedtag.com
s.tribalfusion.com
s0.2mdn.net
s2.glbimg.com
s3.amazonaws.com
s3.glbimg.com
sb.scorecardresearch.com
script.hotjar.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
spl.zeotap.com
ssbsync.smartadserver.com
ssum.casalemedia.com
stags.bluekai.com
static.criteo.net
static.hotjar.com
static.infoglobo.com.br
stats.g.doubleclick.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.navdmp.com
sync.outbrain.com
sync.search.spotxchange.com
sync.springserve.com
sync.srv.stackadapt.com
sync.taboola.com
sync.technoratimedia.com
sync.tidaltv.com
t.lkqd.net
t.pubmatic.com
taboola-supply-partners.tremorhub.com
tag.navdmp.com
tags.tiqcdn.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
tsdtocl.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usergate.globo.com
usermatch.krxd.net
usersync.gumgum.com
usr.navdmp.com
v.lkqd.net
vars.hotjar.com
vid-io-cle.springserve.com
vid.pubmatic.com
vid.springserve.com
vidoomy-d.openx.net
vidstat.taboola.com
vpaid.pubmatic.com
vpaid.springserve.com
wf.taboola.com
widget.perfectmarket.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
x.bidswitch.net
z.moatads.com
aud.pubmatic.com
docker.creative-serving.com
match.adsby.bidtheatre.com
match.bnmla.com
p.rfihub.com
r.nexac.com
rbp.mxptint.net
revistaquem.globo.com
simage2.pubmatic.com
sync.ipredictive.com
sync.tidaltv.com
t.lkqd.net
104.109.78.125
104.111.215.191
108.138.17.83
124.146.215.42
13.248.245.213
13.32.121.17
141.226.224.32
141.226.228.48
141.94.170.64
141.94.170.77
141.94.73.195
142.250.186.70
142.250.186.98
146.20.128.115
146.20.132.170
146.20.132.192
147.75.38.124
151.101.1.44
151.101.129.44
151.101.130.133
151.101.130.49
151.101.193.44
151.101.194.133
151.101.65.44
151.139.128.11
162.55.120.196
169.50.137.182
172.217.16.130
178.162.133.149
178.250.0.130
178.250.0.157
178.250.0.165
18.134.84.23
18.135.183.184
18.156.0.31
18.156.195.47
18.194.183.160
18.195.155.181
18.66.139.40
185.184.8.90
185.64.189.111
185.64.189.112
185.64.189.226
185.64.190.78
185.64.190.80
185.86.137.122
185.86.137.132
185.86.138.32
185.94.180.123
185.94.180.125
186.192.81.117
186.192.81.156
186.192.90.3
186.192.91.5
186.192.91.9
193.122.130.38
195.5.165.20
198.148.27.139
198.47.127.20
2.18.233.180
2.18.234.233
2.19.35.65
2001:4de0:ac19::1:b:3a
2001:678:cb4:bbbb::11
201.7.177.167
201.7.182.142
201.7.182.243
204.237.133.120
209.54.180.3
212.82.100.182
213.155.156.183
213.19.147.45
216.200.232.253
216.52.2.30
23.22.97.176
23.35.228.23
23.35.236.188
23.35.236.201
23.35.236.209
23.35.236.247
23.35.237.151
23.88.75.188
2600:1f18:612b:4232:6e00:7b23:6545:3513
2600:9000:2240:aa00:15:6f6c:b180:93a1
2602:803:c003:200::31
2606:4700:10::6816:1957
2606:4700:3032::ac43:bf95
2606:4700:4400::ac40:98f5
2606:4700::6810:5914
2606:4700::6810:bf3
2606:4700::6810:f015
2606:4700::6811:b8b1
2606:4700::6812:e234
2620:116:800d:21:fcb8:22d2:d390:5f1b
2620:1ec:21::14
2a00:1288:80:807::1
2a00:1450:4001:800::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:812::200e
2a00:1450:4001:827::2006
2a00:1450:4001:827::2010
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2001
2a00:1450:400c:c0b::9b
2a02:2638:1::13
2a02:2638::3
2a02:fa8:8806:12::1400
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3602:8032:ea84:336c:262b
3.121.19.101
3.129.250.65
3.141.212.22
3.208.213.85
34.102.253.54
34.107.148.139
34.120.133.55
34.199.172.6
34.205.3.24
34.239.97.35
34.241.231.109
34.241.76.6
34.248.76.8
34.98.64.218
35.158.19.170
35.186.253.211
35.201.81.244
35.211.79.33
35.227.208.19
35.244.174.68
35.244.182.124
35.71.131.137
37.157.6.241
37.252.172.123
37.252.172.45
38.91.45.7
46.105.202.126
50.31.142.191
51.178.20.140
51.195.5.40
52.208.103.128
52.214.225.4
52.222.210.175
52.222.236.122
52.29.63.16
52.30.14.23
52.41.107.6
52.50.214.249
52.58.249.203
52.59.41.116
52.95.115.255
54.171.196.80
54.228.116.54
54.231.161.120
54.75.174.52
63.32.228.167
63.33.77.67
66.155.71.25
69.173.144.138
69.173.144.165
70.42.32.127
72.251.241.206
77.243.60.138
00d39ce1016d7dcbd3a871300df2e84480e0a86fd9c850d24f82bd13c3b35fd5
0159d6021d92cfda40a8c932f6d3fc397b8a226d2b5fcd2ef6941deda07731f4
021b23d6cce7c934afbade06a6a3f058072f99930cc5f6a72038324d00686b18
04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2
05163eb5b956deaad5a617709f1608bfd2db0b937ae10b43a4419f6c9490af61
051a9bf0266156c8d39a139fb96260f0ab01c1b21d07715e15266a663f814899
05e55a8e47d16674a1f017ae9916e2f9950db37a222d8f9a536867f4019b87e7
05fc25c3ad98f628b851875b9d1d369fc319b2aacdd7cb69a7cc1220cf762e6d
068e2ad9020fdc590c232b49e3ebbb8b540719796165ad86ab75bb6a7f54bf20
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06edb247c5467d6b3fcb11c7064dd3d8803c6b41511f09cc02160dff739ae295
0781f59d87b5ab5ff9035d621c6b513f69bbfd69a350f13d26fc46dbf137048c
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
08f727d493d0590199568403e67b29c88db5b674e90532f49d013e6e233224fc
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0a408e1ed78d0614e1d6c4b411bf24106f9afa6dba5ab0153bdf367e186f6530
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c08e9645aef1fbe59b11c8b45e5b70d0263e7f4ce65831231fd355ef1f5d3b8
0c8fc1e3cf523bb50d8c1901200aa315de482d48c04b34a53908482e4976b06d
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
116401015af3c0c3b59e2933c637639cf768cedf4e46d8e53510b1e4d6d7c32e
11a97dcb69d07f253ab99472b69174f4c0b8d32d20ab4dcd41275b40298bb4db
12959d1509cf8a425771cc53fbf69caa83836cb74fc842dfb7a5249bfde1e9db
13bd93e14e6db23c4cb0098c88232e98676a48e199d720fc05495c36bd684d19
14169cc068daecf33e22739b7f0b52b4cd35d883b48615e5ab7b7ca0e9edf4a5
155ce132c638d82643468f7827a0c612102d1f0f06e6004405f14f396d01dba3
15d5272370e339f9c6321d1ee27d7891748e46b9762c32535800344220de1d8c
15e5c616c72e9596d407435ea7c57fa18ddc1d7120776dde36aed479b7bc5b16
175d0173d6b4b4a5fec4a2983180997013cade6453b7f860a154a6164f860bfa
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
181ddc81b96640856391cdf722703ec20adada736d23c3d837ef6318fc9cb7ea
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
192d2eb7078526e7974933da14512e5f5d64902e654d1e4ee5b421abbf169a3b
1967148e397e18e01b981c1b8203a8eba24e143bfbf5410919ceab4340cf570f
19efc3e5acf9c274b1634e7992767a7ced22ba153acdb67a85edd172292f1ac5
1ac7e6b68a127fd1254f55a57095c0deefe0f8e971d8a7ce91ee1d9088f24cfa
1be45c7a0fdf34b220113cd7d2f3ba2d19e81502792c1ab77da76adc36c30036
1c4d3b42ea49082ad71d280333662e2230c0fbc7fa53cec90e3d99d9a35d359d
1ed0cdb87b299cbbb3c0471d2868db5f5071995c1ae40c1ee3f5e6e9218832f9
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f85772776b2b63de72d7fbf6ba2a67a649dad1c9cc5f7877bb640cec76904f7
2002f5efec2e7f5bfbd9563863a45a4f2b15ac2dcef9df77cdc267e64532d8ef
232f1e41e0421fc51b74d17a6982e940674ec4a5af6269e8a19497ae73c1bc23
24fda9b8ba968755625a6c65f2e09416c937b16d15197710349b4bbb71db4419
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719
2649e62d7d4564299581ce0f4f0dd3939e254880313846a257b042fbdae07aca
26dc3fe44f9b1a9e39ba2d7946b5d0a96a1dcf95651c2f85bae51c46e59c4628
2712725740a6e8dd1a2101fcac2c125fda437e802060bd56db867cac98b3e0d7
288c9161dc86efed9a25473ceea9c6daeaf2c2194241ff9b1f4796976dc6fdc2
28c21e154d55d88ba8a078c17cb30a7e30ad3835a47500905caa44c85062669c
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
29148f34ac30bb336922b3e8d0300a0acd45fbdefd3fc71451de441a1fdbc1de
2946c0bcb402f9717d4b473b3e45222c89c938db1a46a72a0c800db13b54bb57
29a7acb3f87061fbdf4eddbf36f35650ea73bb93b20848a5c39aba88c8ba3896
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ab2c730badb48e44bce8ff702ea8658fb0e77df659141706d931ae2ed7fbb1f
2c295aa4b7ba8950be488f4ecb7b979862d8401472edcab98e5483b978b1978b
2c3bb77fbe888144bdf57c9a96903009b892afddc389ebd171bf17164eca89f4
2c5bee7537d03c148c05df01857dcf5bc7072aba13d120d5d00a2b64ee81cfa7
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e53bbdf41db08d5017462fe9963a8ee505c7a8ff83756c5217635019a076465
2f1b3941c95cc86eccf37613b6a658b61dfd925340a2f22d3e5729eb735daf17
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3045f287ed31e2a3bff8a8b6fa4e1575743cae0d2febd6270eaf7011d6c917db
3160df6d4abe7c604d8f03792d5375792c4c7172648e4afa3532300f1d10cab1
324a3a6e9975fe42489699b33997a236eb00c20b3f5404719dca740e12a5123e
332b1f0ca617e3dc786122eb3d7a7ed33930d9c53cf81e8b56e07882640940c9
33e63ed9f45c708cdca8ca112a1fbbaa8c3a46a9363693f302b7c978a8950bad
3510f4c9fe53fe9946a990d973cc0d68c21732b3db03dd880023218fd0b34a51
3618d79ad3db136bc1c3daa92384c7219e84feded9304ecdb84fba359dab15f7
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36ae762191d24727fbba21272ea14872bb7824188961282001d50e67f7b1881c
37394d3cc7b2adab449bad8a6f25e8968a1d3274f891e6175996592ffb7a078e
377f6288ceb50b8db43ac5a8a0a862dffa067ddbd5ac090c63518cfb980e9a48
3781f0a3009791ef9628c3b02189c39582b1b49923a876bb39f1799383a5589e
387604d1299018274fcca30e5c92bb1018d4bbf3cd8d7e7ce0ed5b21ae04a754
38821c94fe158d4a49849a3a55be31ed279f7d5f53cf75ef98abdcf792459e8a
3a002509f2f507a7d5780894697e6853bd55ef88d1019c3a02f68186141d62c6
3b56489731c504ca8eab1f8000c662bdf30849398bf1daeb8d7f110e300883c7
3bcaf1f1a28f86d7cb894d9315a6676fc0e09b5c6968b500a238fac032669146
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3bdaf6133ae7de97fb03c6261445580d9868ce51d260bda0bfe71024c03dd790
3c30f0f816ada3a1410045d740a98e4d2faf07fc74ffc0430678b21abbd05138
3cd2dbeec99af4c840cea72d956ce0f19b66815932798871b0ffc1d6d67c47a7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fe9044144a9e2528f344d160e470b0d0d54023fc9a5314a6691cc6ca6c488be
403ea6924e31024aed5cc65a54077870bf6ed5ec8fd8d44485c5fedef2ffc59a
40aaf0eb0de13818be02702077190a882dac4618d58d16646ad8a056423b788c
41cf19d46a66e868f5d95cb4901a0e16f5c3fa8aab7a729ba3c4b5f528bfa48c
41e351d3e1b97fdcff651bfbdf9d875f3204af0643c5bfe02f1534f28e9468d1
4577849355a747601ae4a4e5c671a96064e8ad1382b94b073b7158bdb846e07a
45becafb9897215cd7d1a2ecc48c38ed304e9ad5166fb44b28500a6c7f54f1b9
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
46b484ef0ed60dcd8f5be8035cd9e753834e47f3d2c6ea7b8676d51d73d5bd55
47a407adbb2335b3f340b3de75e50542d1c1adae96a54b98423c4bf1927dae9d
483c4a0396691993a641ec409c44b8b7e1daab0ae7e2b2944c4bc59520bb7655
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f0cf548f400589e0dc99934c21eb6875ee8e9109071c721aac7ec03c4b4471
4a1026502fbc11f9a4dd58e4db93b4df0c1df03273dcb44b0f0d03669631d5dd
4a47497fff81c9bdf3552f3e83a3bda9c4e79e82d426e92e2c1134318fa04b68
4a516e648890554c0edfb530da37f1168aa5f524b2a6da49c1f194549f94d5a9
4a798741ab5d1da30eb26d38311b6249de94034ccc610268901ef633098ad3e3
4ab17dec66e5e6ac09edbdbb8940684e95facd8bc19792aa8101a7d7a02d4277
4ad75baebbcb819ec3214e8968e2d4f097f9e0c9450ddad294be1f76efd4052d
4b177a95cee28be021d7e92f57c9f460d34ef8613f5d0871eb40923c3449568e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e375d76b96016f2a080db6e2f968bc666a3255bd40577c04e908c80e6f9ef45
4eba10304f45a9ca7d6b3b882e564a5dd00d3900dc515fbe6137765ed0fb45a3
4f1fb7dc346c7efaaeeb56100702c0e2e47046d21d8b6475f8f99540595b20d3
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f73a51ca7ffa8218ed38de84ae75c69c2cec2a75be6d44ae7716a35799d8216
4f96151d2175bec22bbe80198929c8b07d52a4ace4a0238564d67574e7630262
52da9a9e9b8e27c39dc5352c75f944738f6941b905541c0b6a42a3f725bd617e
54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a87ff9ead205dbc3a99e2520f1b743ca86d63f91698b3eaaf98858a9563f90
55311cd7d419842cf735cfcd71ad0ce95c25baec490b99a78e269240e0014b8f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56146c12df1bb77b28379a2c698dadac07bfeccfcb12315e619142ff882aa969
567a6be7fa13ba4f8b6ec31d3f56a3402e9000ac83bcb241bc822e5a3b8447fb
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
59f97016ea655ac5962a98b1f029403ec38299d2357ad78f26b51f09daafc4f1
5b12f0e24608e6b90ace039c2cf451cc73ae962387727fa20b257759e525ea8b
5b383f17092354aea8e8598be6d4d8acb0de6a35b1f69620e85da57045197522
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5b9467aba0de1d1acafd0553282d7da2ba58d3544872ae622d7cf4e992c99374
5d7ac0b32a1a31bed0806e2dfd67dd0ea6fb218a26d4caf5d04447f01a988f19
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
610787c31b1001f0697b3be7e652121c9889ee55561a414e3a618aae2194133a
614bf89061b5e5734019992b5aeb278be2322bfbfd138240087589e56a8f5368
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f2c377b1c025f819f49dadef6fe1c4b6eb2e340c4cbe9c70f5d43b6e95a598
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
64a885df491c3695b88cb90300114f33453ae230f7ded3235dbca91132882b99
655e8547a0f057f68c1a3bbe78d65bcdaee6bc402814d11e3b6fc1da6e0d9dfc
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
6624e2860f98fbe6ef2fc2b87590d2b88ab0f2fe205214dc87d97e9039284a4e
66447cfc636542b4acdb280f4d41993dd18718ba71c208ef9b74f24ca508353d
66f79d38dfdc7c2c8c0b86abe620e091e7f08ab89d01bbea99079e48cd05a5b5
678e3374b4ba55e6f4d1b0407fcef2038429abb1e9ef3afdcad9185a1b6e42af
67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9
681ce807f94422036848a5c4dfdfc73ff92ffd533947fbb288cae8e334135970
68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463
68b8126ff29602a4e807202845bb38add6117f62299e17981504ae6be9962990
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cbae3ea85056cdaec94f34a6aa24d71d32af6ed442304785fbfec2b89976ed4
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6ecc2fcc947a095c427568c9c88a01754707f66e19c4599e3775d81bbda42376
6f0a26c236d11ec79660cb5546d7377a67bad88d2c9b607d2f4a54e2c8b1f440
6f5e0cfc72b7fdeea2a57455b7ce03b1ae06a970f9cf44983304384c92632119
6f60e605ea5f9aa6dc56e77e638a12890de837cf5d64d97d268167254827268c
6f797d664e491ce3d75b4060a8d96f5aae6643259c25ed5a537fa69bc69b05a5
705e3b638a6b8f33cc7837c616847019b789c93d04d184710cf410174ebda900
70978628a17946d144aaab5ff3dcfb84eccc155be63f30515ba2200428ec2d6e
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac
71d94e3ecf65c3f08d42b45f03fb58b1c0be733de4bfefbd2f87d950f9c1265c
720b24863001ba0ad2ee0e6d021f25e1f45c2d729cfa213fb25ea0bd9e51332c
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
7698581c6ce7e5241d7bc2a4066a24abb52a938ccffa4befb7b366cc0560719a
77a6e7584722f285dd6b3039728b6f1aab3948e60b4c26298600f1a5ee155bbb
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
78feddd6c0851ce96f7af29ee2a51c3445c276b4ef7ad940d15ac351cd71dacc
7942ea0e29c995353e08a20c2b97781bcd1df4b80c15c640d1a790d54da04818
79effc6309e95c6db32fbcd00ed5fe8ad02928e0b71c3a3c319640a68507ea61
7b60f0afd32ef170a025452d6fbaad529ff4c0da0c70aea2cead0bf7d5fc40fb
7b7328681d1b9f1fe9018c7e4bf76829398277147824696fed61181decdc4049
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7e408fd0afde9552f1a3f0007039be7b154879b8753358372414cdd05c4486f3
7e7b13348f7633fcb88924e671b71ad10d7c1fa5498473dafb62ad56eb442096
7f8f67fa393739ae2d8438ea639c3d15b1b27ae73456deecf17e5e47e876d724
818f601c24ffd6fb177d3b472a8e1e3506df22201b663a53926cbc2e9850aac5
82cd1b61b349324e102d58679583114bd5b2620347f422ad05851b825a926748
82f6aa9133be43a0cbdcfbf90d59e538b0fe46d6378dad934c09af81013ea678
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
854c390f3e37ee3c720eb70f2ad4a4fdb3b18d49b005fd348dd6983297c5ca24
8562314971d42837bfe69a65a1073116ad8b4ae2ca55510e0fdde55290ec287d
85bc7863e8d1a7d4d4d259c8a8f847dcb66f0033a92a7608d403b7ce26625b1c
872cf5b1fc5d78d4697452c04483c4afe1dec0f40247ea64d05a051dcc43bad9
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a08328c4bcd73041a2fecd4f16efe23074dd25ccbf2ebd32d4ab2ad64f52311
8a80deb88f7a282768b77eac8c7fd6811a7a01054e1970f2379e1c3f241400eb
8ab432a75639b2653ba74325bb39f48d9057dade3b44acd6d1ccffdfa5419480
8ab437d66d4e2b6020a404697b11ac580e215723224bf58298281551bf6aa5d1
8b29691a91ee4c0f1d407cf959f43101bc58f6f6e702198e76b5f8cfd8f92d4e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc6ba2cebad8548d43d8c99220b39cad49eab5ee145a7177a03fe94403d1e85
8dd2945cf2b95270268ccef88ff25acf706ec8335e24e720741cd030c245509c
8dfb8ca877e68f8f14d256e37fd7c5f0541e6f753e5bb5ee519353af24d49a12
8f1a3d598fdf99310e1bdbd044977129a199803687c4288c79cb77a32de85de2
8f57c27c59dd99a164f294f700e0bb210f118b46190fba22c7c96b4b41ec5f90
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
8fc1bf0012884a2ecdf3e7deccecc3bec80cc9cba7a1a6fe394c9956d15d883f
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9173a4efb861aef9c0ca93e52076e2509f8b562f8da539160a7bcfece3a4fc02
92619628c982680513ddea4f7e6e018dca7ffead1446acb143f49d78af4b8f93
92db40d16cb8ca6e243d000bc0a2f249aeb503b3109c6ea0d5892f531204c078
9476350068dbd8b61373906f6d9dba49ed31ed5d64d6ee2d48da082c44a447dc
961d2527913673b9488d10ca5f8ceb13ad768457a5918d1595b9fafbd8ad08a3
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
981f5728d7beeb7af673d88d8e2d220bace90b334a1bc636cd9fb54f16937448
98a9c318bc8344fa117dfda5806a268974e840c0e5a5e2bcf0cef0e2f24da275
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9927a4cf5c349ac7b2de340041a0ad5ce14d7faaee1ad9eccae471f991ad2cfa
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cfe6a821f6512e865001d40fcbbbc421cf3e28d4b0817c28079fe46df0d994a
9d4f298b9266e5e548da14a56548eedc87dff49e1fc054dc7fd7b19cf0db55d0
9d5afdcc216ad4bf5d9eec1c238657a06480485f3faec8d1e2e6bc038c162a7e
9e777473fa9da8997b8fd0bdf78fe718a5d0ed18ab59340ab66bd9eb09318ade
9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e
9f1508da4c7e232fecfa9d9ca9c8d6d4097d449c91b20d51903af021612c1214
9f4f29db5b938c1593babc59fe2375de202a2e0df16c8a97036d5dc2857b5ab5
9f6cda5dfe0ccfa3ffdb47f8e23c2362748a7e4499da39187f4e35de19eb22a6
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
9fc6c18a8e6ed3ba7cd3bb99cb3de3c5d9d480e211b582d450f071353c3208c4
9fee2cfb019e58f8f91ca9a5b7ae2a1e7c022337076f2d57f0c9973f3f9d309b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1d30a6c6ed7af88ca43e0026375d4653dfeb13349d15df47ed2bcf2998994ef
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5187f2cc738cc227b7ec3e10975643c06d4356cfbe03f7334d8192e9da583dc
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
a6a357f767eded1d33facf42c6d087bc2e55f5e8d4c007581b8e306f0a02f66f
a6c25e591394ea7aa5b84b25e9e6b44e38773a3289a2db50987b2cf946c100ab
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
a8323dcd0d6c7d37f497b52f8a3fe466c47557e24a4a2298fd6dfe45d95e1131
a8ea57e595e5a74b8dfd024976ee0c6ad7592a468866daa71ab9d9344bd1033c
aa65bb9bb4291250c31b2a721a8190c16bd6d23fe1d717badfbca023f7718308
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
aca1050d2fff37e97c87876c0ecb69b2e04443afeed2973bb00c5a83cc3d6f31
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ad6f303010f4d0d273ed759c3ceed9e24118072b1bbe8c56d284b94174bf8da6
ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583
af1cfcefece6ec56ec553f418b8f9b213db677c2f7116080c56cd46639f7b3c8
af38286fa634519ab80524b90b1e992febefc15923c89b1663bcd46dfee2c383
b07e4058312fb34178de8a2f47664480686212db790fb6835293392743e5a7b6
b0b5da7e151ac3827a6b8f13fd19967fd4404ae45fa3eaca80adeabf35808c9b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b519b32eb18af1a54e9612663d02e74a431fa932f3dbbf319bb2f89a08061c51
b59e198c356c79d1ba89670c50cdb7e54181037f277ee106126caf570278bc11
b69c49abe718837ff9043ac2af6209617d9b7707a50a5a67f8492fa0faa2160e
b6b1391a9a499184a9d60faa2e8b212622dc880b1c5b5462fa99c559c9dea55d
b6f2d5803fd397500ddefed25e442e396e2b2c8fe52398344cd71ff7959a05a9
b7d8acf20075b97993e5d54624cf85ac868df2398985371d5c8555a45425c418
b86ed51fae7de953cf4b0940c6edfc04611befeb61cfd913b736ff079250d83e
bbc029f1d997ab0fa9fc1499f94fb93f83b350470966b2227c6b761b282e527c
be66edcd4db36136eb8bfd1b03ca972742f4ffbf84b2b74eb869c850b8b6a377
c05c3fa694b94cbf9791360818624943ba8a00022799852e3ceca61ef50c1ca3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c22fbbe4bf63288095e3c83d2858a1f4b65b1acdc77ac28785824b184953f0d4
c56d3d6e1674afe4a6b4144ef949ab8e5efa2ee11eb51eefd2ef5318363c3030
c64a2ea8c0c0c71f9cf14fbe714fc298e85b511bdbb931d299f03b0645cc8d3f
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c6ef19bd8f7eb1c61859b76b528ce2e03495ae0c293e9a23840f9a04cc05e163
c74d0b2694837c98192091dae3ce5a8e55fe4cf7e7e9104529640349248996c6
c7cba051adb45bda78591c9b2f415a1009c62ca0301df36f7d92291bf5d423b4
c9333c7a7f077cc42b136872a860fb262cd891244b9c726f7934ca7220476639
c9f709689168ac389970872fab40c43343c086f9da673ff568b261dfb2f13159
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca6f34c643bf09ae06fb8a1d1f0b7d7d3e8c6f83b3dd4958598e1b85b98ee0ee
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbce24d2a3704cee73eabb21b357f45d9a5fc2a18a541bc6aa0ee8e3049dd6ba
cd97a5bac90d9e2f62d8ef7ff715c53c56312bcb2ddde01e3454485ba317df37
ce8eeed627b6b2d98ce7c754c2cc4435152c9bd6d6b17ac2e1f1ae7036ab43ad
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf78eb6b8deefa917667cf76c2583d2a1b8e9a45b14ffa2519f6a42a0fc33de9
d1d7dd47633b88cf806a22dd7349117acd506dfbd276bcab76f9f694ad06ca66
d1de187546e564a61ba6a5a86a44a6212ebac1e93e0e5e6980e1d300bdeba36a
d201b5b5fb19d4bf1daf1480da2cf181b71ed8a175fdc1720bf891ef50e18ee1
d2c894e0fd508c8cbe6e7bfb16ccc20f69adff0625f7734da7bb2c5cdabdf3ad
d318d1bd936490b1616889e835589397b9a11a445bbac62adf68eb56c084319d
d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44
d4bad622f0b9836d5ef0297fa59e8a786d8d2350061ca21f660ef16f8e0e7424
d51e6679d0eca0442fe97192fbf01995fd805b7a14d68ff4d733b119e8412a8f
d6ad6c6b790e497ee9722a1fbf0f7a148305e1e4f055c129ce41bd2eb01aa1da
d74a55b377ca53a908794827239b1cb3e64faf76d291b95d08513e7ca6fcac99
d79ab4039ad7289a8030eca1e4f31f4e0ecd9b5b798109c2b3e1aafeb48a6e30
d7ca3dbab0cafa8d4dbebec0f905a17999e8c822a435692a0e7cd6d7cc44a4b0
d92bde9a1fa80d3f55abf5cbeb36292c2885c6d558418b9715d6a90a79a2e9cc
da0d7b33d5125507bc4d5f3eb719b6a7b592f08dae18372e5ea60dab5a781777
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da81891659c1736b0db31928a9fd0312e2891bab534addf4ceab05c8bc76354e
dad629e72db66f83347ffb17006dcd27b9296adf59739759f8cad58927ef33fb
dc5b76f7cd8e048e433f45a59d4519f5df24c8866ea7980b58838a590aed34a5
dc8d3b3701a95fae0ceb13be485bd16a31dcd0417066c9cc604d6c12e89bcd70
defd76ed2c223591f8859a049c948a92467923424c30b43c386ce60dae532740
e00bf6f20c1f17513422e1d52318b50e79f788bb03cc2ead97c8c711ae6962e2
e0e44c153e6969ff112250bc468dd4615e5f48f2b2db3e3ffabc11be9d9b6313
e0ed584a01d2f3b104a3aece2010217173b39fe6b22136fb9b455583b471548d
e1acaf1b84c7c6a5a7ae96e4b9cce92c540c0c8ebbb0e56f8ff473917e2e9a72
e1d5858a25341be3c0c52d95d1e884aeb1107ca656350096c6612966947d5b92
e224ba99630b724e44b225c6a6965d361578c20787a8d742a89c441e7a178844
e236c35a27b818a5c6952ca03f31c0639491ed4aa332bc9cd5034ed7d53b49c1
e25f540c4617aa5479b51f95290a1b087ad0ec0d12ea63cdce69377afa05fbc0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cb72fa88eb1d422d6f44b3cdec51f37e56977dc75c7b5039d50c98a7bc352c
e433fd58b79aab4ef01540c2f460f9ea075b90fb5dd450428d0196b2beb493aa
e45e59828c677e3e4c38548aaf88bf502fd803c702e60563b91862a1fcc94d43
e48a3f69eb2ce81790894baf38d3592dda37c117c993b52e661edcca11259f9b
e48c04f723a115625f43bf02f52a2ec7761f932f5d68cdf43b4f7a41a1059e40
e491d24944a1cbd73924dbbf48cae3a4b82ff0b84f84c75111e64f1369d8d2cf
e55127616531545b5247801cf08d055b30c21fdeb0df19ac2aecd90e2b9d80be
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
e6809cdc2d43423c1bf1fd341a725f9e59cc5c3b7eb9bf45ddfb41ca61a35f93
e69be500b8ee1401e7d19efc64d14edf082ab12c8a2cae8eec3f3bcd49284060
e82651125583ff47831f367eb40354105881e968fa2acb63bfb3d214cc73b78a
e876877893000b5c8c9eeb02c30aa3bf1de88c1d2724da7dd17d80e1bd32e6c9
e8d3cc25b15ffeca98e3d513a9cfef0383e2d0f33e9ca7312c24f87cb6be3cf0
e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411
eaf02dfba3b3b7c0d9361aed031d5c62e9c9786f97096559c3e25ca1f9f5d028
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec3163cce183e601cd03d439a7120880c421cef0cadc8313256de78486441a10
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c
ee1e36a738d18041169fee02c16797ac2d61ac9e6499128e6d4b5226fa8e67ed
ee72a800f0e75a30ba23632ed5689c707913bb9c598e22a825af375d10a2bc75
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef665350f1f5c87587348157e4a16122de38b01eed69df6f110482ff3ed4fdeb
f0dd0b8ab5c30cabf8f8e21661aa92f32ece402684639a8b602ae838a983e471
f1b16a7311e10fef04597e3b135b410b9d8487a7c203e74cd32e2e307f71036c
f26d481f726d1a1cb156034379c44db699aa35dbeb7fe8aa31bf42722c65774f
f2eedb52ed8cda5a110ade58886f1f0c7bb59a5e591da0408959f6b49c55b7e7
f358522b256e8e0fbf7eaf8d1656e40d342378b397173d37abf1ad070bc32869
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f851b17761d140f156750a1e1b239f75be8b2009887a3f89a0af2871e41405b9
f8fe6d937854a9af03cfd77405c291b2cabe1a29c25f839928cebaaaea4f2b72
f9275fd4c56125b1ad5d555c4f6a3b9deb7e31974ff4f38a2a588aeb1b8ba6c5
f9cde36d04db73e25983dfd84384caebe402a0c5d8d8193ea18e2e50787c7632
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb4c391be2dd9e927d16789bebea68314f10f75383bc4a7b920e8addfdf3e44c
fb75c28b22a69d57f12f8a18abd64dc330c80910f9934bc6dcc3bb020e235a12
fe876b8d99181a67a590b93f8fd6f4c89fc33f2938c004644dd9f80f8afdf777
fe9b63819052818dc6cb6aa4aa9a32e7a6048bb877c1e21a8ae7515ec5c7fccc
fef5a532b71ee7e705550d686460033c32173ef2d893dc2d0328c037dfc6e57f
ff6fc2ae4c47d3651abc77109449bd3c9de1e5c854b7c51ca4b8fc1a5f199357
ffa1afd43c13d8b14b50083057bc01885849449e727567ae7f8863bf977ae3ef
fffaa703046a93163d20e0e5ab811939996ddf4b62fd503fac30bcf68c69bea6