gq.globo.com Open in urlscan Pro
201.7.177.252 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Submission: On September 04 via manual (September 4th 2023, 7:36:04 am UTC) from SG — Scanned from SG

Summary HTTP 466 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 109 IPs in 9 countries across 89 domains to perform 466 HTTP transactions. The main IP is 201.7.177.252, located in Brazil and belongs to Globo Comunicacao e Participacoes SA, BR. The main domain is gq.globo.com.
TLS certificate: Issued by R3 on August 16th 2023. Valid for: 3 months.

This is the only time gq.globo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	201.7.177.252 201.7.177.252	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
29	186.192.90.3 186.192.90.3	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
9	2404:6800:400... 2404:6800:4003:c03::84	15169 (GOOGLE) (GOOGLE)
7	186.192.91.5 186.192.91.5	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
11	186.192.91.9 186.192.91.9	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
7	2606:4700:303... 2606:4700:3032::6815:1d69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	3.160.188.50 3.160.188.50	16509 (AMAZON-02) (AMAZON-02)
21	2404:6800:400... 2404:6800:4003:c00::9d	15169 (GOOGLE) (GOOGLE)
2	23.76.212.194 23.76.212.194	16625 (AKAMAI-AS) (AKAMAI-AS)
4	35.211.79.33 35.211.79.33	15169 (GOOGLE) (GOOGLE)
1	34.95.229.88 34.95.229.88	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2406:2600:7:1... 2406:2600:7:100::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	54.230.112.53 54.230.112.53	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2406:2600:7:1... 2406:2600:7:100::9	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1 1	34.110.201.227 34.110.201.227	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	2404:6800:400... 2404:6800:4003:c1a::84	15169 (GOOGLE) (GOOGLE)
9	2404:6800:400... 2404:6800:4003:c02::61	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c1a::cf	15169 (GOOGLE) (GOOGLE)
4	34.151.224.123 34.151.224.123	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
26	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	34.210.191.15 34.210.191.15	16509 (AMAZON-02) (AMAZON-02)
12	104.16.112.121 104.16.112.121	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2404:6800:400... 2404:6800:4003:c01::9d	15169 (GOOGLE) (GOOGLE)
7	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.142.88.219 18.142.88.219	16509 (AMAZON-02) (AMAZON-02)
8 8	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3 3	124.146.215.46 124.146.215.46	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2 2	54.192.111.34 54.192.111.34	16509 (AMAZON-02) (AMAZON-02)
4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
8 14	64.233.170.156 64.233.170.156	15169 (GOOGLE) (GOOGLE)
1	3.19.54.139 3.19.54.139	16509 (AMAZON-02) (AMAZON-02)
1	186.192.81.117 186.192.81.117	28604 (Globo Com...) (Globo Comunicacao e Participacoes SA)
2	35.244.153.86 35.244.153.86	15169 (GOOGLE) (GOOGLE)
3 6	74.125.24.148 74.125.24.148	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4003:c05::84	15169 (GOOGLE) (GOOGLE)
2	35.198.44.170 35.198.44.170	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	34.149.50.64 34.149.50.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2620:116:800e... 2620:116:800e:21:a878:7c6e:cf7b:3362	16509 (AMAZON-02) (AMAZON-02)
2	35.201.123.184 35.201.123.184	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:217... 2600:9000:2175:7a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:d10... 2a02:6ea0:d100::13	60068 (CDN77 ^_^) (CDN77 ^_^)
7 8	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
6	212.36.83.246 212.36.83.246	15699 (AS_ADAM A...) (AS_ADAM Adam Datacenter)
9 12	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
21	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4003:c03::63	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4003:c03::5f	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4003:c1c::5e	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c04::5f	15169 (GOOGLE) (GOOGLE)
8	54.93.143.127 54.93.143.127	16509 (AMAZON-02) (AMAZON-02)
5	2404:6800:400... 2404:6800:4003:c03::8b	15169 (GOOGLE) (GOOGLE)
14	2606:4700::68... 2606:4700::6812:b07e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:1417:3f:... 2600:1417:3f:bbd::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:c276	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6810:ef3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:e2:... 2606:4700:e2::ac40:8f26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6812:dff8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.27.26.215 52.27.26.215	16509 (AMAZON-02) (AMAZON-02)
3	147.75.95.77 147.75.95.77	54825 (PACKET) (PACKET)
1	2404:6800:400... 2404:6800:4003:c0f::64	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:29aa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4003:c0f::8a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c03::9d	15169 (GOOGLE) (GOOGLE)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
3 4	103.43.90.179 103.43.90.179	29990 (ASN-APPNEX) (ASN-APPNEX)
8	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.19.150.54 104.19.150.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 20	42.99.140.208 42.99.140.208	4637 (ASN-TELST...) (ASN-TELSTRA-GLOBAL Telstra Global)
2	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
2 6	2406:da18:9ea... 2406:da18:9ea:6f16:8c2c:996a:e419:ba1e	16509 (AMAZON-02) (AMAZON-02)
8	18.138.108.233 18.138.108.233	16509 (AMAZON-02) (AMAZON-02)
13	23.200.148.244 23.200.148.244	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.250.188.75 13.250.188.75	16509 (AMAZON-02) (AMAZON-02)
3	67.199.150.81 67.199.150.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
17	67.199.150.86 67.199.150.86	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	18.138.18.111 18.138.18.111	16509 (AMAZON-02) (AMAZON-02)
2 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.138.97.44 18.138.97.44	16509 (AMAZON-02) (AMAZON-02)
1 1	35.230.38.116 35.230.38.116	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	2406:da18:929... 2406:da18:929:5a00:deb2:8da2:9e0e:3934	16509 (AMAZON-02) (AMAZON-02)
2 2	18.143.106.89 18.143.106.89	16509 (AMAZON-02) (AMAZON-02)
1	67.199.150.85 67.199.150.85	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	209.58.168.56 209.58.168.56	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
2	67.199.150.94 67.199.150.94	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
5	207.65.33.84 207.65.33.84	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	2600:1417:3f:... 2600:1417:3f::1732:e8ce	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 5	52.46.128.147 52.46.128.147	() ()
1	207.65.33.76 207.65.33.76	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	151.101.193.44 151.101.193.44	() ()
2 25	141.226.229.48 141.226.229.48	() ()
1 1	2600:1f14:c96... 2600:1f14:c96:cd00:31d1:394f:8c7a:d327	() ()
1 2	54.248.182.252 54.248.182.252	() ()
1	2600:9000:23d... 2600:9000:23d0:f400:15:6f6c:b180:93a1	() ()
3 4	185.84.60.21 185.84.60.21	() ()
1 2	182.161.73.146 182.161.73.146	() ()
1 1	35.186.154.107 35.186.154.107	() ()
1 2	35.186.193.173 35.186.193.173	() ()
1 1	139.162.40.113 139.162.40.113	() ()
1 1	2001:df2:a300... 2001:df2:a300:bbbb::135	() ()
1 1	23.108.103.8 23.108.103.8	() ()
2	23.36.254.89 23.36.254.89	() ()
1 1	8.43.72.98 8.43.72.98	() ()
2 2	18.197.253.159 18.197.253.159	() ()
1	23.106.127.164 23.106.127.164	() ()
1 1	35.208.249.213 35.208.249.213	() ()
1 1	35.213.89.133 35.213.89.133	() ()
1	209.191.163.210 209.191.163.210	() ()
1	74.214.196.131 74.214.196.131	() ()
1	23.106.127.39 23.106.127.39	() ()
2 2	3.126.166.0 3.126.166.0	() ()
1	35.71.178.8 35.71.178.8	() ()
1 1	54.158.55.205 54.158.55.205	() ()
1	82.145.213.8 82.145.213.8	() ()
2	44.210.174.132 44.210.174.132	() ()
2	54.148.231.196 54.148.231.196	() ()
1	52.17.186.143 52.17.186.143	() ()
2 3	52.94.222.140 52.94.222.140	() ()
1	2620:1ec:21::14 2620:1ec:21::14	() ()
1	141.226.224.32 141.226.224.32	() ()
2 2	13.228.234.186 13.228.234.186	() ()
1 1	34.102.253.54 34.102.253.54	() ()
466	109

2 201.7.177.252 (Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)

gq.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 186.192.90.3 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-90-3.prt.globo.com

s3.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4003:c03::84 (Singapore)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 186.192.91.5 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-5.prt.globo.com

barra.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 186.192.91.9 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-91-9.prt.globo.com

s2-gq.glbimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3032::6815:1d69 (United States)

ASN13335 (CLOUDFLARENET, US)

audio4.audima.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.160.188.50 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-3-160-188-50.mrs52.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2404:6800:4003:c00::9d (Singapore)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.76.212.194 (Hong Kong, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-76-212-194.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.211.79.33 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 33.79.211.35.bc.googleusercontent.com

horizon.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
horizon-track.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.229.88 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 88.229.95.34.bc.googleusercontent.com

globo-ab.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:2600:7:100::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.112.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-112-53.mrs52.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:7:100::9 (Japan) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.110.201.227 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 227.201.110.34.bc.googleusercontent.com

id.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c1a::84 (Singapore)

ASN15169 (GOOGLE, US)

dc6b241228a425d8dce77511b744b85e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4003:c02::61 (Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c1a::cf (Singapore)

ASN15169 (GOOGLE, US)

gadasource.storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.151.224.123 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 123.224.151.34.bc.googleusercontent.com

static.infoglobo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprsgmp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.210.191.15 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-191-15.us-west-2.compute.amazonaws.com

ivccf.ivcbrasil.org.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.16.112.121 (None, )

ASN13335 (CLOUDFLARENET, US)

t.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4003:c01::9d (Singapore)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidoomy-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.142.88.219 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-142-88-219.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.223.40.198 (United States) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 124.146.215.46 (Japan) 3 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.192.111.34 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-54-192-111-34.mrs52.r.cloudfront.net

cr-p3.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidoomy-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 64.233.170.156 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: sg-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.19.54.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-54-139.us-east-2.compute.amazonaws.com

ads.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 186.192.81.117 (Duque de Caxias, Brazil)

ASN28604 (Globo Comunicacao e Participacoes SA, BR)
PTR: 186-192-81-117.prt.globo.com

horizon-schemas.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.153.86 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 86.153.244.35.bc.googleusercontent.com

cocoon.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 74.125.24.148 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: sf-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4003:c05::84 (Singapore)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.198.44.170 (São Paulo, Brazil)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 170.44.198.35.bc.googleusercontent.com

usergate.globo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800e:21:a878:7c6e:cf7b:3362 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2175:7a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:d100::13 (Singapore)

ASN60068 (CDN77 ^_^, GB)

vpaid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.213.12.39 (Tokyo, Japan) 7 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 212.36.83.246 (Terrassa, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: lb2.vdmy.dtic.es

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 69.173.158.64 (Singapore) 9 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c03::63 (Singapore)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c03::5f (Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c1c::5e (Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c04::5f (Singapore)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.93.143.127 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-143-127.eu-central-1.compute.amazonaws.com

aws.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4003:c03::8b (Singapore)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6812:b07e (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1417:3f:bbd::268b (Singapore)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c276 (United States)

ASN13335 (CLOUDFLARENET, US)

c2.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:ef3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8f26 (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:dff8 (United States)

ASN13335 (CLOUDFLARENET, US)

buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.27.26.215 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-26-215.us-west-2.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.95.77 (Tokyo, Japan)

ASN54825 (PACKET, US)

p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c0f::64 (Singapore)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:29aa (United States)

ASN13335 (CLOUDFLARENET, US)

d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c0f::8a (Singapore)

ASN15169 (GOOGLE, US)

ampcid.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c03::9d (Singapore)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.43.90.179 (Singapore) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 42.99.140.208 (Japan) 6 redirects

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-208.pacnet.net

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2406:da18:9ea:6f16:8c2c:996a:e419:ba1e (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)

4cywq-eqnre.ads.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.138.108.233 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-108-233.ap-southeast-1.compute.amazonaws.com

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 23.200.148.244 (Kowloon, Hong Kong)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-200-148-244.deploy.static.akamaitechnologies.com

vpaid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.250.188.75 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-188-75.ap-southeast-1.compute.amazonaws.com

vid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.199.150.81 (Singapore)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 67.199.150.86 (Singapore)

ASN3257 (GTT-BACKBONE GTT, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.138.18.111 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-18-111.ap-southeast-1.compute.amazonaws.com

cm.ambientdsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.138.97.44 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-97-44.ap-southeast-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.230.38.116 (The Dalles, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 116.38.230.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2406:da18:929:5a00:deb2:8da2:9e0e:3934 (Singapore) 3 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.143.106.89 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.150.85 (Singapore)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.58.168.56 (Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.199.150.94 (Singapore)

ASN3257 (GTT-BACKBONE GTT, US)

vid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 207.65.33.84 (United States)

ASN62713 (AS-PUBMATIC, US)

st.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1417:3f::1732:e8ce (Singapore)

ASN20940 (AKAMAI-ASN1, NL)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.128.147 (None, ) 2 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.33.76 (United States)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (None, )

ASN- ()

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 141.226.229.48 (None, ) 2 redirects

ASN- ()

sg-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sg-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sg-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:c96:cd00:31d1:394f:8c7a:d327 (None, ) 1 redirects

ASN- ()

1f2e7.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.248.182.252 (None, ) 1 redirects

ASN- ()

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:23d0:f400:15:6f6c:b180:93a1 (None, )

ASN- ()

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.84.60.21 (None, ) 3 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.73.146 (None, ) 1 redirects

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.154.107 (None, ) 1 redirects

ASN- ()

cm-supply-web.gammaplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (None, ) 1 redirects

ASN- ()

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.40.113 (None, ) 1 redirects

ASN- ()

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:df2:a300:bbbb::135 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.108.103.8 (None, ) 1 redirects

ASN- ()

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.254.89 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (None, ) 1 redirects

ASN- ()

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.253.159 (None, ) 2 redirects

ASN- ()

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.106.127.164 (None, )

ASN- ()

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (None, ) 1 redirects

ASN- ()

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.213.89.133 (None, ) 1 redirects

ASN- ()

trace.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.191.163.210 (None, )

ASN- ()

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.196.131 (None, )

ASN- ()

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.106.127.39 (None, )

ASN- ()

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.166.0 (None, ) 2 redirects

ASN- ()

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.178.8 (None, )

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.158.55.205 (None, ) 1 redirects

ASN- ()

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (None, )

ASN- ()

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.210.174.132 (None, )

ASN- ()

vid-io-iad.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.148.231.196 (None, )

ASN- ()

vid-io-cle.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.186.143 (None, )

ASN- ()

vid-io-dub.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.222.140 (None, ) 2 redirects

ASN- ()

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (None, )

ASN- ()

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.228.234.186 (None, ) 2 redirects

ASN- ()

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (None, ) 1 redirects

ASN- ()

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	taboola.com 2 redirects cdn.taboola.com — Cisco Umbrella Rank: 919 pm-widget.taboola.com — Cisco Umbrella Rank: 3145 trc.taboola.com vidstat.taboola.com sg-trc-events.taboola.com imprsgmp.taboola.com sg-match.taboola.com sg-vid-events.taboola.com sync.taboola.com sync-t1.taboola.com match.taboola.com pips.taboola.com cds.taboola.com	377 KB
46	glbimg.com s3.glbimg.com — Cisco Umbrella Rank: 78079 p.glbimg.com — Cisco Umbrella Rank: 116034 s2-gq.glbimg.com s.glbimg.com — Cisco Umbrella Rank: 82971	3 MB
42	pubmatic.com vpaid.pubmatic.com — Cisco Umbrella Rank: 5483 ads.pubmatic.com — Cisco Umbrella Rank: 513 image6.pubmatic.com — Cisco Umbrella Rank: 752 image2.pubmatic.com — Cisco Umbrella Rank: 895 simage2.pubmatic.com — Cisco Umbrella Rank: 794 image4.pubmatic.com — Cisco Umbrella Rank: 1151 vid.pubmatic.com — Cisco Umbrella Rank: 8435 st.pubmatic.com — Cisco Umbrella Rank: 1102 simage4.pubmatic.com — Cisco Umbrella Rank: 1267	231 KB
42	doubleclick.net 11 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203 cm.g.doubleclick.net — Cisco Umbrella Rank: 237 ad.doubleclick.net — Cisco Umbrella Rank: 173 stats.g.doubleclick.net — Cisco Umbrella Rank: 87	278 KB
25	rubiconproject.com 10 redirects ads.rubiconproject.com — Cisco Umbrella Rank: 2088 pixel.rubiconproject.com — Cisco Umbrella Rank: 366 optimized-by.rubiconproject.com — Cisco Umbrella Rank: 3710 eus.rubiconproject.com pixel-us-east.rubiconproject.com token.rubiconproject.com	143 KB
24	stickyadstv.com 6 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 537 cdn.stickyadstv.com — Cisco Umbrella Rank: 4639	292 KB
21	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	197 KB
19	tinypass.com experience.tinypass.com — Cisco Umbrella Rank: 8364 cdn.tinypass.com — Cisco Umbrella Rank: 6028 buy.tinypass.com — Cisco Umbrella Rank: 6743	239 KB
17	seedtag.com t.seedtag.com — Cisco Umbrella Rank: 12574 s.seedtag.com — Cisco Umbrella Rank: 4532	288 KB
16	vidoomy.com ads.vidoomy.com — Cisco Umbrella Rank: 27402 vpaid.vidoomy.com — Cisco Umbrella Rank: 3064 a.vidoomy.com — Cisco Umbrella Rank: 2750 aws.vidoomy.com — Cisco Umbrella Rank: 50346	79 KB
14	globo.com 1 redirects gq.globo.com barra.globo.com — Cisco Umbrella Rank: 116529 horizon.globo.com — Cisco Umbrella Rank: 70192 globo-ab.globo.com — Cisco Umbrella Rank: 77493 id.globo.com — Cisco Umbrella Rank: 193484 horizon-schemas.globo.com — Cisco Umbrella Rank: 76392 cocoon.globo.com — Cisco Umbrella Rank: 98499 globo-mab.globo.com Failed usergate.globo.com — Cisco Umbrella Rank: 91008 horizon-track.globo.com — Cisco Umbrella Rank: 59932	125 KB
13	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1329 google-bidout-d.openx.net — Cisco Umbrella Rank: 1333 us-u.openx.net — Cisco Umbrella Rank: 478 jp-u.openx.net — Cisco Umbrella Rank: 12721 vidoomy-d.openx.net — Cisco Umbrella Rank: 36790 u.openx.net	3 KB
9	permutive.com api.permutive.com — Cisco Umbrella Rank: 2160 cdn.permutive.com — Cisco Umbrella Rank: 2877	87 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	318 KB
9	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 405	165 KB
8	amazon-adsystem.com 4 redirects s.amazon-adsystem.com aax-eu.amazon-adsystem.com	5 KB
8	bidswitch.net 7 redirects x.bidswitch.net — Cisco Umbrella Rank: 342	4 KB
8	adsrvr.org 8 redirects match.adsrvr.org — Cisco Umbrella Rank: 348	4 KB
7	springserve.com vid.springserve.com — Cisco Umbrella Rank: 6953 vpaid.springserve.com vid-io-iad.springserve.com vid-io-cle.springserve.com vid-io-dub.springserve.com	94 KB
7	cxense.com cdn.cxense.com — Cisco Umbrella Rank: 5180 p1cluster.cxense.com — Cisco Umbrella Rank: 9338 comcluster.cxense.com — Cisco Umbrella Rank: 4752 id.cxense.com — Cisco Umbrella Rank: 10121	81 KB
7	googlesyndication.com dc6b241228a425d8dce77511b744b85e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 150	160 KB
7	audima.co audio4.audima.co — Cisco Umbrella Rank: 324022	125 KB
6	yahoo.com 5 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 451 ups.analytics.yahoo.com — Cisco Umbrella Rank: 326	3 KB
6	tremorhub.com 2 redirects 4cywq-eqnre.ads.tremorhub.com — Cisco Umbrella Rank: 40942	3 KB
6	adform.net 3 redirects adx.adform.net — Cisco Umbrella Rank: 4440 c1.adform.net	4 KB
6	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 29919 usr.navdmp.com — Cisco Umbrella Rank: 35742 cdn.navdmp.com — Cisco Umbrella Rank: 7092	10 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 214	339 KB
6	googleapis.com gadasource.storage.googleapis.com — Cisco Umbrella Rank: 84289 fonts.googleapis.com — Cisco Umbrella Rank: 41 imasdk.googleapis.com — Cisco Umbrella Rank: 488	151 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	21 KB
5	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 426 mug.criteo.com — Cisco Umbrella Rank: 2631 dis.criteo.com	8 KB
5	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 165	2 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 239 secure.adnxs.com	3 KB
4	infoglobo.com.br static.infoglobo.com.br — Cisco Umbrella Rank: 272307	67 KB
3	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 473	1 KB
3	gstatic.com fonts.gstatic.com	113 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2 ampcid.google.com — Cisco Umbrella Rank: 2618	440 B
3	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 1240 pixel.quantserve.com — Cisco Umbrella Rank: 928 cms.quantserve.com — Cisco Umbrella Rank: 756	10 KB
3	socdm.com 3 redirects tg.socdm.com — Cisco Umbrella Rank: 1188	3 KB
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 755 id5-sync.com — Cisco Umbrella Rank: 400	28 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 809 bcp.crwdcntrl.net — Cisco Umbrella Rank: 776 sync.crwdcntrl.net — Cisco Umbrella Rank: 795	13 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	smartadserver.com ssbsync.smartadserver.com rtb-csync.smartadserver.com	163 B
2	adscale.de 2 redirects ih.adscale.de	564 B
2	ctnsnet.com 1 redirects ipac.ctnsnet.com	673 B
2	bidr.io 1 redirects match.prod.bidr.io	421 B
2	tailtarget.com tags.t.tailtarget.com — Cisco Umbrella Rank: 70112	19 KB
2	ladsp.com 2 redirects cr-p3.ladsp.com — Cisco Umbrella Rank: 22684	1 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 320	2 KB
1	playground.xyz 1 redirects ads.playground.xyz	463 B
1	linkedin.com px.ads.linkedin.com	732 B
1	opera.com t.adx.opera.com	466 B
1	3lift.com eb2.3lift.com	140 B
1	contextweb.com bh.contextweb.com	688 B
1	lijit.com ce.lijit.com	311 B
1	popin.cc 1 redirects trace.popin.cc	357 B
1	mediago.io 1 redirects trace.mediago.io	712 B
1	admixer.net 1 redirects inv-nets.admixer.net	583 B
1	turn.com 1 redirects ad.turn.com	518 B
1	appier.net 1 redirects gocm.c.appier.net	436 B
1	gammaplatform.com 1 redirects cm-supply-web.gammaplatform.com	642 B
1	stackadapt.com sync.srv.stackadapt.com Failed	1 KB
1	fwmrm.net 1 redirects 1f2e7.v.fwmrm.net	536 B
1	aralego.com 1 redirects sync.aralego.com — Cisco Umbrella Rank: 2723	474 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 791	657 B
1	ambientdsp.com 1 redirects cm.ambientdsp.com — Cisco Umbrella Rank: 24635	655 B
1	prmutv.co d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co — Cisco Umbrella Rank: 165597	383 B
1	google.com.sg ampcid.google.com.sg — Cisco Umbrella Rank: 107445	366 B
1	permutive.app d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app — Cisco Umbrella Rank: 97800	305 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 654	338 B
1	npttech.com www.npttech.com — Cisco Umbrella Rank: 7291	3 KB
1	piano.io c2.piano.io — Cisco Umbrella Rank: 5471	4 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1136	1 KB
1	ivcbrasil.org.br ivccf.ivcbrasil.org.br — Cisco Umbrella Rank: 142545	461 B
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1074	9 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 603	13 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1403	1 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1404	8 KB
0	loopme.me Failed csync.loopme.me Failed
0	iprom.net Failed core.iprom.net Failed
0	deepintent.com Failed match.deepintent.com Failed
0	tribalfusion.com Failed a.tribalfusion.com Failed
0	adgrx.com Failed cm.adgrx.com Failed
0	cinarra.com Failed dps.jp.cinarra.com Failed
0	ad-m.asia Failed sync-dsp.ad-m.asia Failed
0	dotomi.com Failed pubmatic-match.dotomi.com Failed
0	pippio.com Failed pippio.com Failed
0	everesttech.net Failed sync-tm.everesttech.net Failed
0	semasio.net Failed uipglob.semasio.net Failed
466	89

	Domain	Requested by
29	s3.glbimg.com	gq.globo.com s3.glbimg.com p.glbimg.com s.glbimg.com barra.globo.com www.googletagmanager.com buy.tinypass.com
21	cdnjs.cloudflare.com	audio4.audima.co buy.tinypass.com
21	securepubads.g.doubleclick.net	s3.glbimg.com securepubads.g.doubleclick.net gq.globo.com www.googletagservices.com
20	ads.stickyadstv.com	6 redirects vpaid.vidoomy.com gq.globo.com cdn.stickyadstv.com
17	buy.tinypass.com	cdn.tinypass.com buy.tinypass.com
16	cdn.taboola.com	gq.globo.com cdn.taboola.com client
14	cm.g.doubleclick.net	8 redirects google-bidout-d.openx.net gq.globo.com eus.rubiconproject.com
12	sync.taboola.com	2 redirects sg-match.taboola.com eus.rubiconproject.com gq.globo.com
12	t.seedtag.com	securepubads.g.doubleclick.net t.seedtag.com
11	simage2.pubmatic.com	ads.pubmatic.com gq.globo.com
11	s2-gq.glbimg.com	gq.globo.com s3.glbimg.com
10	sg-trc-events.taboola.com	gq.globo.com cdn.taboola.com
9	www.googletagmanager.com	s3.glbimg.com www.googletagmanager.com
9	cdn.ampproject.org	gq.globo.com cdn.ampproject.org
8	optimized-by.rubiconproject.com	vpaid.vidoomy.com
8	api.permutive.com	d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
8	aws.vidoomy.com	vpaid.vidoomy.com
8	pixel.rubiconproject.com	5 redirects eus.rubiconproject.com
8	x.bidswitch.net	7 redirects gq.globo.com
8	match.adsrvr.org	8 redirects
7	ads.pubmatic.com	vpaid.pubmatic.com ads.pubmatic.com
7	audio4.audima.co	gq.globo.com audio4.audima.co
6	trc.taboola.com	cdn.taboola.com gq.globo.com sg-match.taboola.com imprsgmp.taboola.com
6	image2.pubmatic.com	ads.pubmatic.com
6	vpaid.pubmatic.com	vpaid.vidoomy.com vpaid.springserve.com gq.globo.com
6	4cywq-eqnre.ads.tremorhub.com	2 redirects gq.globo.com vpaid.vidoomy.com
6	a.vidoomy.com	gq.globo.com vpaid.vidoomy.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net
6	ad.doubleclick.net	3 redirects gq.globo.com
6	www.googletagservices.com	securepubads.g.doubleclick.net
5	s.amazon-adsystem.com	2 redirects gq.globo.com eus.rubiconproject.com
5	st.pubmatic.com	gq.globo.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com gq.globo.com
5	s.seedtag.com	t.seedtag.com
5	sb.scorecardresearch.com	2 redirects gq.globo.com
5	s.glbimg.com	gq.globo.com s.glbimg.com
4	token.rubiconproject.com	4 redirects
4	c1.adform.net	3 redirects ads.pubmatic.com
4	cdn.stickyadstv.com	vpaid.vidoomy.com cdn.stickyadstv.com
4	pr-bh.ybp.yahoo.com	3 redirects ads.pubmatic.com
4	vidoomy-d.openx.net	vpaid.vidoomy.com
4	cdn.cxense.com	cdn.tinypass.com cdn.cxense.com
4	fonts.googleapis.com	audio4.audima.co buy.tinypass.com cdn.taboola.com
4	static.infoglobo.com.br	www.googletagmanager.com static.infoglobo.com.br
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	pixel.tapad.com	2 redirects ads.pubmatic.com
3	image6.pubmatic.com	ads.pubmatic.com
3	ib.adnxs.com	2 redirects d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
3	horizon-track.globo.com	s3.glbimg.com
3	fonts.gstatic.com	fonts.googleapis.com
3	tg.socdm.com	3 redirects
2	pm.w55c.net	2 redirects
2	vid-io-cle.springserve.com	gq.globo.com
2	vid-io-iad.springserve.com	gq.globo.com
2	u.openx.net	gq.globo.com
2	rtb.mfadsrvr.com	2 redirects
2	ih.adscale.de	2 redirects
2	eus.rubiconproject.com	imprsgmp.taboola.com eus.rubiconproject.com
2	ipac.ctnsnet.com	1 redirects ads.pubmatic.com
2	dis.criteo.com	1 redirects gq.globo.com
2	match.prod.bidr.io	1 redirects gq.globo.com
2	vid.pubmatic.com	vpaid.pubmatic.com
2	ups.analytics.yahoo.com	2 redirects
2	adx.adform.net	vpaid.vidoomy.com
2	cdn.navdmp.com	tag.navdmp.com
2	usr.navdmp.com	tag.navdmp.com
2	tag.navdmp.com	s3.glbimg.com tag.navdmp.com
2	www.google.com	securepubads.g.doubleclick.net
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
2	tags.t.tailtarget.com	t.seedtag.com s3.glbimg.com
2	usergate.globo.com	gq.globo.com s3.glbimg.com
2	cocoon.globo.com	s.glbimg.com
2	cr-p3.ladsp.com	2 redirects
2	jp-u.openx.net	google-bidout-d.openx.net
2	us-u.openx.net	google-bidout-d.openx.net
2	id5-sync.com	cdn.id5-sync.com gq.globo.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects gq.globo.com
2	cdn.jsdelivr.net	securepubads.g.doubleclick.net ads.rubiconproject.com
2	ads.rubiconproject.com	s3.glbimg.com ads.rubiconproject.com
2	gq.globo.com	s3.glbimg.com
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	px.ads.linkedin.com	eus.rubiconproject.com
1	vid-io-dub.springserve.com	gq.globo.com
1	t.adx.opera.com	gq.globo.com ads.pubmatic.com
1	eb2.3lift.com	gq.globo.com
1	match.taboola.com	gq.globo.com
1	rtb-csync.smartadserver.com	gq.globo.com
1	bh.contextweb.com	gq.globo.com
1	ce.lijit.com	gq.globo.com
1	trace.popin.cc	1 redirects
1	trace.mediago.io	1 redirects
1	ssbsync.smartadserver.com	gq.globo.com
1	pixel-us-east.rubiconproject.com	1 redirects
1	sync-t1.taboola.com	imprsgmp.taboola.com
1	inv-nets.admixer.net	1 redirects
1	ad.turn.com	1 redirects
1	gocm.c.appier.net	1 redirects
1	cm-supply-web.gammaplatform.com	1 redirects
1	sync.srv.stackadapt.com	ads.pubmatic.com
1	sg-vid-events.taboola.com	gq.globo.com
1	sg-match.taboola.com	vidstat.taboola.com
1	imprsgmp.taboola.com	vidstat.taboola.com
1	vpaid.springserve.com	vpaid.vidoomy.com
1	1f2e7.v.fwmrm.net	1 redirects
1	vidstat.taboola.com	cdn.taboola.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	sync.aralego.com	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	um.simpli.fi	1 redirects
1	sync.crwdcntrl.net	ads.pubmatic.com
1	cm.ambientdsp.com	1 redirects
1	cms.quantserve.com	1 redirects
1	vid.springserve.com	vpaid.vidoomy.com
1	id.cxense.com	cdn.cxense.com
1	comcluster.cxense.com	cdn.cxense.com
1	cdn.permutive.com	d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
1	d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co	d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
1	stats.g.doubleclick.net	www.google-analytics.com
1	ampcid.google.com.sg	www.google-analytics.com
1	d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app	s3.glbimg.com
1	ampcid.google.com	www.google-analytics.com
1	p1cluster.cxense.com	cdn.cxense.com
1	beacon.krxd.net	tag.navdmp.com
1	www.npttech.com	static.infoglobo.com.br
1	c2.piano.io	cdn.tinypass.com
1	cdn.tinypass.com	experience.tinypass.com
1	experience.tinypass.com	static.infoglobo.com.br
1	imasdk.googleapis.com	s3.glbimg.com
1	pixel.quantserve.com	gq.globo.com
1	vpaid.vidoomy.com	ads.vidoomy.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	t.seedtag.com
1	horizon-schemas.globo.com	s3.glbimg.com
1	ads.vidoomy.com	securepubads.g.doubleclick.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	ivccf.ivcbrasil.org.br	gq.globo.com
1	gadasource.storage.googleapis.com	gq.globo.com
1	dc6b241228a425d8dce77511b744b85e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	mug.criteo.com	gq.globo.com
1	id.globo.com	1 redirects
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	globo-ab.globo.com	p.glbimg.com
1	horizon.globo.com	gq.globo.com
1	p.glbimg.com	gq.globo.com
1	barra.globo.com	gq.globo.com
0	csync.loopme.me Failed	ads.pubmatic.com
0	core.iprom.net Failed	ads.pubmatic.com
0	match.deepintent.com Failed	ads.pubmatic.com
0	a.tribalfusion.com Failed	ads.pubmatic.com
0	cm.adgrx.com Failed	ads.pubmatic.com
0	dps.jp.cinarra.com Failed	ads.pubmatic.com
0	sync-dsp.ad-m.asia Failed	ads.pubmatic.com
0	pubmatic-match.dotomi.com Failed	ads.pubmatic.com
0	pippio.com Failed	ads.pubmatic.com
0	sync-tm.everesttech.net Failed	ads.pubmatic.com
0	uipglob.semasio.net Failed	ads.pubmatic.com
0	globo-mab.globo.com Failed	s3.glbimg.com
466	167

This site contains links to these domains. Also see Links.

Domain
assinaturaglobo.globo.com
s3.glbimg.com
privacidade.globo.com
www.globo.com
g1.globo.com
ge.globo.com
gshow.globo.com
globoplay.globo.com
oglobo.globo.com
www.websiteplanet.com

Subject Issuer	Validity	Valid
gq.globo.com R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
s3.glbimg.com RapidSSL TLS RSA CA G1	`2023-05-02` - `2024-05-02`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
barra.globo.com RapidSSL TLS RSA CA G1	`2023-05-15` - `2024-05-15`	a year	crt.sh
*.glbimg.com RapidSSL TLS RSA CA G1	`2023-05-11` - `2024-05-10`	a year	crt.sh
audima.co GTS CA 1P5	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
horizon.globo.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-10-22` - `2023-10-23`	a year	crt.sh
globo-ab.globo.com R3	`2023-08-09` - `2023-11-07`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-07-27` - `2023-10-25`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-08-26` - `2023-11-24`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
static.infoglobo.com.br RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-01-30` - `2024-01-29`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.ivcbrasil.org.br Amazon RSA 2048 M02	`2023-05-01` - `2024-05-29`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-01` - `2023-10-02`	a year	crt.sh
horizon-schemas.globo.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-03-15`	a year	crt.sh
cocoon.globo.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-25` - `2023-09-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
usergate.globo.com RapidSSL TLS RSA CA G1	`2023-04-24` - `2024-04-23`	a year	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-29` - `2024-04-15`	a year	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-09`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
horizon-track.globo.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-10-23` - `2023-10-24`	a year	crt.sh
*.cxense.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-13`	a year	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2023-03-27` - `2024-03-26`	a year	crt.sh
npttech.com GTS CA 1P5	`2023-09-01` - `2023-11-30`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2023-07-09` - `2023-10-07`	3 months	crt.sh
*.google.com.sg GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.prmutv.co R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
api.permutive.com R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.springserve.com Amazon RSA 2048 M02	`2023-08-02` - `2024-08-30`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
cdn.stickyadstv.com R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
*.ctnsnet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-04` - `2023-11-06`	10 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
*.contextweb.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-10` - `2024-05-09`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.adx.opera.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-22` - `2024-06-20`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh

This page contains 53 frames:

Primary Page: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Frame ID: 4FD4977D28769E8E47B126DE2E8B7861
Requests: 251 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=gq.globo.com
Frame ID: 6523DAEF2DCE18333C534A6A952B8995
Requests: 2 HTTP requests in this frame

Frame: https://gq.globo.com/login-callback.ghtml
Frame ID: EFDB889DD38B218318F936C43E634634
Requests: 2 HTTP requests in this frame

Frame: https://dc6b241228a425d8dce77511b744b85e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9AC4CD848BD14B9D829541694BAE5FF0
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-WP5C9ZV
Frame ID: 6D0F5B7342BD0D10AD87D768640C46E1
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-NXVN776&ancestors=GTM-WP5C9ZV&restrictions=&gtm.url=https%3A%2F%2Fgq.globo.com%2F
Frame ID: 243BF2C420B3277B091CEBC40868A364
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-WSJ4QJD&ancestors=GTM-WP5C9ZV&restrictions=&gtm.url=https%3A%2F%2Fgq.globo.com%2F
Frame ID: 0718E8B06A4B541FFFCBC3D0B82C54EA
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-M3GJS46&ancestors=GTM-WP5C9ZV&restrictions=&gtm.url=https%3A%2F%2Fgq.globo.com%2F
Frame ID: 96F38A0C00EC806A4ED1C8ACBA1B62E1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurfgJ4fI8_-_HRDenHHwtsAUuAmPSze2c4QZEL4bWfU77UJKP6iSAaXxbAXiL4bVsTlifEPML8fRoUa8lMFvORo2rxPDgfwMlFz3uvfYSvrfc10JNh07FR6bjFxtjsIzjR_p23J2pnQMTwG_3NTSdhE_-NkZv_x9n86h0PrJos2qLGVnUvY5NWmmzS9i_Y-40udPuZcnF_pt3v3S-2d24oBIi-YyVIbByTRqIsXSjiUCOMEMfMtw0xWQVr95mhLzzEfxE9dxkEhn9XJLlNlbCIk4srwefmTdcD2ZlGw0NElBLaF9cRJHun3sEhX45vEGXQ&sai=AMfl-YQ7Ff_vSOoocpTqi-uJN10Kl0d3TAKDq7H3G1rxqqvXK15vGSDSS8Ht61S3tip-j94IT2zgVdgKIw25GcI1V3hzKr9AFS5JlMTey317z_z2PrYvu-vcrmr8duL10BBBiqPr8imkqflBB0cCedSC&sig=Cg0ArKJSzHgaJ_77_SRIEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DABA2DCD4A493AEE70534BC8543D55AA
Requests: 5 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: E0CFED82C6C01918FE8BA3BAC065645B
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstw_vyq4EANJ5HNHaHSB5ZnDpivofXRFIvqD7TqlNVEiADqQTd19-LafK1bAZkTEpfkvFH0s-A0jiRcPNqj-ixJ0sKCsOzX8vIKE9MkTX1l4uU3AAmuqIKIPeIwtyV3Og7IJTigTghoAbRR3TehH8QLvI0sh57aEuU1W7VC8JK1RR7UmfyxJJ5_dDknjtt4HhlBvqBR7INkBqP1STfVuhuOext2YFRT3TB9LMCfUjob_u0RkIUlXAUWmLxxvI-A0vYY1j2r9XbIbM39fwep5_TzEluw4PonlUuUdPwDSBnKMTKvACoQcnYfjEU4jO2yaDWJZRIwJ4ytL5XaYQItW9NZP1I&sai=AMfl-YQk4ZcQET86d3Jyx_389VrNpKNJ0CPYWXZU5Nd2MXpRi_Ths-XF65YBPwYpwwvcufuUoWELTvKqZfRUv0Tbgx1n6cmkkALZ4oW4Yz2ZeC73skBKxTH9mFSdEvI-KRvHEcHqQltH0i7r4Q7Ab6lv&sig=Cg0ArKJSzC440DDt106UEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A00122AD83AB498DE17B7DEACCA2880B
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshaa2kWDn7CRNGSYoCFe5pwg1Dtdy-jCZlRoyl_dK36m4MgHx-9ykJQKtFciRfaFZ8moe71ZNZEkUkai_Pl03z0dzMqDziW3OSuoZBWfpbtnhyfj44PiBCfZLT2Y4Oka1nfG75204UWH1ClwUHlv3AhpHf62Ri1eYil_T08ZRTnlkbxDl6Z17DE1zLipb2ThCapA4Q2x5XvdWGDU_h49DikxC_ehBvV3WsqGUEyj_R1VYDFnu_MWsD73gfeBwfsDF1ovxYtjtf8GfyDM--JKLvSRa5j3AuPS54_7ViJdYH0xYkFB80f5auMrjYBgf0aqzmhNG4&sai=AMfl-YSb6hqSACU0liuutZNOGHsULE5t7NfFfMfzfGQwovyazx8Pce3b3tMLm0krR9IKk3j4xyYc3Hw2D1Qh9DTCNrUrJ9Atpg21re5W6sXzNG3MsCk7uGo8aPvNZy1CWW1LG27rgumSb4gkKhgmDT9m&sig=Cg0ArKJSzOuglFLyOPYcEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3F3F50B4334FE0227E6F96DB7E7FD0A0
Requests: 12 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimpj/N1218305.3134731MEDIASERVICEINTE/B30382929.372561482;dc_pre=COLLh_q4kIEDFamjZgIdxw4BRw;dc_trk_aid=564306069;dc_trk_cid=196904775;ord=595770655;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1
Frame ID: 4A42123FFF0CDC316BAC716233A88775
Requests: 7 HTTP requests in this frame

Frame: https://audio4.audima.co/iframe-later-thin-audima.html?skin=thin&statistic=true
Frame ID: 12A4D5C53656671C8C8F1F7CCDCEB1C7
Requests: 9 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: 665D3EDDE9D9FA54CE8FB484AEA5D4C6
Requests: 3 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimpj/N1218305.3134731MEDIASERVICEINTE/B30382929.372962640;dc_pre=CJDayfq4kIEDFXgXtwAdSocDTA;dc_trk_aid=564306069;dc_trk_cid=196904775;ord=1972249495;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1
Frame ID: EB7EAB33C5873EA66507CB9589CB1E99
Requests: 8 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimpj/N1218305.3134731MEDIASERVICEINTE/B30382929.372962640;dc_pre=COWSy_q4kIEDFVIW1Qodwg8ORg;dc_trk_aid=564306069;dc_trk_cid=196904775;ord=672650677;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1
Frame ID: F2AA423BFB59A6891A13524BCD5C79F8
Requests: 8 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT3B0FT6TYY6&templateVariantId=OTVMF8V02U8PS&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_91405f7498079174c486-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Frame ID: D6C8CCDC3EC13D93852D14517AED1F8A
Requests: 19 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT7RJ0Y2KLJG&templateVariantId=OTVR67Y8KMQCH&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_9abf8fbe7848772ffad6-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Frame ID: 66A89B3999BDFD48C03CB1C2A850AB47
Requests: 20 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 02196170E7E3DF01E250F32FC2DC2195
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&cb=971155
Frame ID: 6A597D7500DE2E8595E315761A8668BC
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: DB402E6240BCE03D7AAC7F2FBE113574
Requests: 14 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZusSrmjnEKx9u0SrMudZqzS6Qqp9603_ZO5IVSLT
Frame ID: 1735E22FEAFA2B51FE521E875ED9C8C8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7147641075961760124&gdpr=0&gdpr_consent=
Frame ID: C6840DF9243C1492C26191F1D25CFE1C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=11gap694bzwu
Frame ID: 4B3C7C6D7B0F382A52E99C12FD0C07F7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 4BE90AA8E0329DB392099E5FB99F2735
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 703B140AAB13DAD023588AE8FCC2F46A
Requests: 7 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_3bc8d9fc.js
Frame ID: 1E2421986AC88D955894678FB4A9F0B1
Requests: 8 HTTP requests in this frame

Frame: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8-vcCLAa4P3ppaxIWrRFwf_TS1iQsWisAAABgYID-AEnMJi7LarJxK2w231q0WY3WCpfJt9ZMFsbBYrLYTEwWIyCJ2cRlWU02boXN5luLNqvRWuEy-daaycI4WEwWm4nJYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG8Ch6XT4XPd6neOuM_stfrvG7_aLXh673-z3OR1-ud_09DgdfslgstkLhnuJ5eUxOtyap-nlVnj8bsPDbnTYTS_PW-YwPcxutd_kMruVdpvf8nZ4_C7PW_DyfP4Op-euM5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAJhDwjztPofhb3n5AwAAAAAIAAAAABIABbynJQA-zqJO_P_________HGKDPvJHx____f4OhB8CDD4AHIQAAAA9DkpEFWiv00aGIFKAUYQQAAAAgWkfU-MgknaBiUeX__7_fCsAVAIAAxS-PUsMsuoMSb2EAAAAKxizQw-L3mx12jd_tMv__________Zv7P_KP5OXWlSCP0jGqv5hcQAGDNLyAAABt1AwDwJgBO0AmA1VGI3XA22E0Gs-XsAAAAANz5____1wOSg5nJNHPMTC7PaOQZbEajwWK5sjgmC9tyOFsNt8fQ0H_oQ5b7qU-IsMx-30FBOT09ZpdBVHS9LXaH0-w5iA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7MxCL2QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKY2kxMpsVythbZHJa1aDlyrhWukW2tmDmWM9PGNFl5RmvR62O6uGyGlWvlRYIBeHuRPC3SiW6zspgss81oZdnYRhuTc2PZWGYLk3G4ce1GtslELNGcLNKJ7LJvDmYm08wxM7k8o5FnsBmNBovlyuKYLGzL4Ww13Lc2E5NpsZytRTaHZS1ajpxrhWtkWytmjuXMtDFNVp7RWvT6mC4um2HlWvkbs-VmuJgsV8N9Y7bcDBeT5Wq479AZvqvP2Wj7m1Mel3ply55mN6dB4TJYvN-DRRqddnZGn8twsajGpp1jYhX6_X6_3-_3-_1-78Zs8BgMhp8yKEwps37JS_c9aLwHoyKWCC7SicrkNP0tD5_Zb_G7dY6LWKI0XaQTvejlsfvNfp_T4Zf7TU-P0-GXDCabvWC4l1heHqPDrXmaXm6Fx-82POxGh9308rxlDtPD7Fb7TS6zW2m3-S1vh8fv8rwFL8_n73B67jqj6W22iCWC00U6Eb2Mp4v6jxxksJyrhnPFbDJXLIerBAAAAAAAAABgCSaZbgIAAADgZDC71XK3WqcDGayGg9lquQAk_jZ1AYMAAAAAAADsuk0MTTekAesr1thjD2Vymv6Wh8_st_jdOseVAUi4iTLb7DOCWKvVsgYAACCADQAAIICbbrwJwGLi_v___8cBAAAEkEMPAACAfh8QVcyRK4VeOL-CGGyGq_0DUCHWarW63Vir1QpIIJPJZAL_____AQ!&cmcv=&pix=undefined&cb=1693812960493&uv=3329&tms=1693812960493&abt=mxrdvp_vB!mxrdvp_vB!nonrv_vA!t45!testmsn_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=16be252c-aff7-4354-aed7-32a801213bdb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: AB616D905259B6078B5490F39CA77B83
Requests: 3 HTTP requests in this frame

Frame: https://sg-match.taboola.com/sync?dast=V8-vcCLAa4P3ppaxIWrRFwf_TS1iQsWisAAABgYID-AEnMJi7LarJxK2w231q0WY3WCpfJt9ZMFsbBYrLYTEwWIyCJ2cRlWU02boXN5luLNqvRWuEy-daaycI4WEwWm4nJYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG8Ch6XT4XPd6neOuM_stfrvG7_aLXh673-z3OR1-ud_09DgdfslgstkLhnuJ5eUxOtyap-nlVnj8bsPDbnTYTS_PW-YwPcxutd_kMruVdpvf8nZ4_C7PW_DyfP4Op-euM5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAJhDwjztPofhb3n5AwAAAAAIAAAAABIABbynJQA-zqJO_P_________HGKDPvJHx____f4OhB8CDD4AHIQAAAA9DkpEFWiv00aGIFKAUYQQAAAAgWkfU-MgknaBiUeX__7_fCsAVAIAAxS-PUsMsuoMSb2EAAAAKxizQw-L3mx12jd_tMv__________Zv7P_KP5OXWlSCP0jGqv5hcQAGDNLyAAABt1AwDwJgBO0AmA1VGI3XA22E0Gs-XsAAAAANz5____1wOSg5nJNHPMTC7PaOQZbEajwWK5sjgmC9tyOFsNt8fQ0H_oQ5b7qU-IsMx-30FBOT09ZpdBVHS9LXaH0-w5iA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7MxCL2QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKY2kxMpsVythbZHJa1aDlyrhWukW2tmDmWM9PGNFl5RmvR62O6uGyGlWvlRYIBeHuRPC3SiW6zspgss81oZdnYRhuTc2PZWGYLk3G4ce1GtslELNGcLNKJ7LJvDmYm08wxM7k8o5FnsBmNBovlyuKYLGzL4Ww13Lc2E5NpsZytRTaHZS1ajpxrhWtkWytmjuXMtDFNVp7RWvT6mC4um2HlWvkbs-VmuJgsV8N9Y7bcDBeT5Wq479AZvqvP2Wj7m1Mel3ply55mN6dB4TJYvN-DRRqddnZGn8twsajGpp1jYhX6_X6_3-_3-_1-78Zs8BgMhp8yKEwps37JS_c9aLwHoyKWCC7SicrkNP0tD5_Zb_G7dY6LWKI0XaQTvejlsfvNfp_T4Zf7TU-P0-GXDCabvWC4l1heHqPDrXmaXm6Fx-82POxGh9308rxlDtPD7Fb7TS6zW2m3-S1vh8fv8rwFL8_n73B67jqj6W22iCWC00U6Eb2Mp4v6jxxksJyrhnPFbDJXLIerBAAAAAAAAABgCSaZbgIAAADgZDC71XK3WqcDGayGg9lquQAk_jZ1AYMAAAAAAADsuk0MTTekAesr1thjD2Vymv6Wh8_st_jdOseVAUi4iTLb7DOCWKvVsgYAACCADQAAIICbbrwJwGLi_v___8cBAAAEkEMPAACAfh8QVcyRK4VeOL-CGGyGq_0DUCHWarW63Vir1QpIIJPJZAL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 7BD22048A7A885AF28FDEE36AF243361
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&schain=1.0,1!vidoomy.com,21915,1,,1693812954341,,
Frame ID: B65CB5CCEA0E097225E19D96B641C73E
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B888EB5EB5D976BE875458B28F6D02B7
Requests: 6 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=15D3647D-BF39-4C17-BA6A-452D2700178D&gdpr=0&gdpr_consent=
Frame ID: BF89E22875C742DF72C0D65C476C2733
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: C53168DF3F66A771DDA9782275188D15
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: A20E1A547FDE3026EC22E456686FA4FB
Requests: 1 HTTP requests in this frame

Frame: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
Frame ID: 10D8DCD43512B06D4EF8541DCEB72D51
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1rkccrr11ast
Frame ID: 488C4460955616BF18E502222957D6FA
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: E7B12CB651E1AEDA9707A2395E69D5A1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=7ea09bad1a56419084ffc50b4b79c8b5
Frame ID: D3298C701680AD4BB56D171E5A111643
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=pwVkXUtyC2emUy-F4Yj1ZA
Frame ID: 8ED3AF5E9752447B030F7E622B322996
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Frame ID: 5E99E462777789FE18F48FDA17B2DF06
Requests: 11 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZPWI4MCo8YQAABUX3pUAAAAA
Frame ID: BCAD20D9E705DE3A164A17054FA6B5D2
Requests: 22 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&cb=433227
Frame ID: B33FBC0965D9801C19778B9968929B04
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0D496B0E87235A1FA183C3B0F0A68F54
Requests: 3 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: A2DA7E37A273009A815373F4AA40D639
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Frame ID: 0F920872CEBFE0774D156CDB7155C68F
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=15D3647D-BF39-4C17-BA6A-452D2700178D
Frame ID: 130FA577BA2E635230D8A836006153CC
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: D201A11D0A829EBD25CA5B971D74ABCA
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 1D6B623E33AE0CD18873F1CC0FC66A0C
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: EF8839EE1F861518453EB7F9719E047E
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: FF05134B6DA39D39C33280943D9A7230
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: 8B5D0F0B9BACF83E2361FC2A9D917713
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:8w2sC0I21QD47W5&gdpr=0&gdpr_consent=
Frame ID: 9D3157D81CCB306CCA10505728ED5D80
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Especialista aponta brecha de segurança em site de acompanhante, que nega vazamento de dados | Tecnologia | GQ

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Lightbox (JavaScript Libraries) Expand

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

466
Requests

83 %
HTTPS

29 %
IPv6

89
Domains

167
Subdomains

109
IPs

9
Countries

7082 kB
Transfer

20971 kB
Size

105
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://assinaturaglobo.globo.com/gq/vitrine/gq/?campanha=nao&site_par=1&origem_par=1&formato_par=gq_sempiano&versao_par=botao_rodape&utm_source=sitegq&utm_medium=botao_rodape&utm_campaign=eg_gq_botao_rodape_sempiano
Title: Assine

Search URL Search Domain Scan URL

URL: https://s3.glbimg.com/v1/AUTH_91e21bc490b44c808f2d722ecf06a8e6/gq/M%C3%ADdia%20Kit%20GQ.pdf
Title: Anuncie

Search URL Search Domain Scan URL

URL: https://privacidade.globo.com/privacy-policy/
Title: política de privacidade

Search URL Search Domain Scan URL

URL: https://www.globo.com/?utm_source=barraGCOM

Search URL Search Domain Scan URL

URL: https://g1.globo.com/?utm_source=barraGCOM
Title: g1

Search URL Search Domain Scan URL

URL: https://ge.globo.com/?utm_source=barraGCOM
Title: ge

Search URL Search Domain Scan URL

URL: https://gshow.globo.com/?utm_source=barraGCOM
Title: gshow

Search URL Search Domain Scan URL

URL: https://globoplay.globo.com/?utm_source=barraGCOM

Search URL Search Domain Scan URL

URL: https://oglobo.globo.com/?utm_source=barraGCOM
Title: OGlobo

Search URL Search Domain Scan URL

URL: https://www.globo.com/todos-os-sites.html?utm_source=barraGCOM
Title: todos os sites

Search URL Search Domain Scan URL

URL: https://www.websiteplanet.com/news/fatalmodel-leak-report/
Title: detalha Prowler em seu blog

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://sb.scorecardresearch.com/c2/6035227/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 39

https://sb.scorecardresearch.com/p?c1=2&c2=6035227&ns__t=1693812949518&ns_c=UTF-8&c8=Especialista%20aponta%20brecha%20de%20seguran%C3%A7a%20em%20site%20de%20acompanhante%2C%20que%20nega%20vazamento%20de%20dados%20%7C%20Tecnologia%20%7C%20GQ&c7=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&c9= HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1693812949518&ns_c=UTF-8&c8=Especialista%20aponta%20brecha%20de%20seguran%C3%A7a%20em%20site%20de%20acompanhante%2C%20que%20nega%20vazamento%20de%20dados%20%7C%20Tecnologia%20%7C%20GQ&c7=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&c9=

Request Chain 54

https://oajs.openx.net/esp?url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&rid=esp&cc=1

Request Chain 58

https://id.globo.com/auth/realms/globo.com/protocol/openid-connect/auth?client_id=revista-gq%40apps.globoid&redirect_uri=https%3A%2F%2Fgq.globo.com%2Flogin-callback.ghtml&state=11f03c0e-c734-4772-8092-598ef98fff20&response_mode=fragment&response_type=code&scope=openid&nonce=d38fd847-ff59-43b9-9e64-1cf173eed842&prompt=none&code_challenge=_z_kOOgEFo1FqlBz_iNuZS-bcWSmMX4Pu0iSj0-rf54&code_challenge_method=S256 HTTP 302
https://gq.globo.com/login-callback.ghtml

Request Chain 60

https://gum.criteo.com/sid/json?origin=publishertagids&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=gq.globo.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=3tCStnxZdDBQUEpJTGptYTRYTUN3OVg0RzFiUktoYnE0UTZtSXpKRHN4UEtubkQrOGVSSkxtSGlEa3N2UkhodjVXamVONXFyVVlzN3NkMWdLYmxuRWdienk3Kzh3V1plSWswbnl4cGtpNTBPVE85MHVHSER6b2hYREVYUHBiY2NoMGhrNmdRUmYxb0N4L3EwTUtrL0tSMUNZNk1jMEhuZWZNYVhYdkJSTzVFMm1CL1hUZ1pkT3hLT1YzVXk0RWRpVmtoUmU0QUo3VkZsbXlxd1lDaW1PcXNNNGU3SkgwZ3RDY09OUFBmYUhxdEhXVmlVaWxjWGsyOTh6NU8vdEFDYmRiZWN5MHI4MlFTZnIvUW1QeGYwdjdYUE5Sdz09fA&cppv=2

Request Chain 94

https://match.adsrvr.org/track/cmf/openx?oxid=1daa739f-1f4e-7da3-c456-422d630e332b&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=1daa739f-1f4e-7da3-c456-422d630e332b&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=63abc881-6622-4257-b82d-9cf12807b118&ttd_puid=1daa739f-1f4e-7da3-c456-422d630e332b&gdpr=0&gdpr_consent=

Request Chain 95

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZPWI1sCo8YQAABUX2GQAAAAA

Request Chain 96

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AT042FE4PAV3ks8AD7ImDFiUg88AAAGKXx6KAw

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHlVwLCmIhhPOqbZtfuba-E&google_cver=1

Request Chain 120

https://ad.doubleclick.net/ddm/trackimpj/N1218305.3134731MEDIASERVICEINTE/B30382929.372561482;dc_trk_aid=564306069;dc_trk_cid=196904775;ord=595770655;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
https://ad.doubleclick.net/ddm/trackimpj/N1218305.3134731MEDIASERVICEINTE/B30382929.372561482;dc_pre=COLLh_q4kIEDFamjZgIdxw4BRw;dc_trk_aid=564306069;dc_trk_cid=196904775;ord=595770655;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1

Request Chain 154

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=970362189.467729716945714.386808577 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=970362189.467729716945714.386808577 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=528fc541-7a21-468e-865f-9e23c888f546&google_hm=NTI4ZmM1NDEtN2EyMS00NjhlLTg2NWYtOWUyM2M4ODhmNTQ2 HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHfe5Cu3Cn3Sht7gPmYSM_4&google_cver=1&ssp=vidoomy&bsw_param=528fc541-7a21-468e-865f-9e23c888f546 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=528fc541-7a21-468e-865f-9e23c888f546

Request Chain 155

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LM4KHXZC-V-BP7U

Request Chain 166

https://ad.doubleclick.net/ddm/trackimpj/N1218305.3134731MEDIASERVICEINTE/B30382929.372962640;dc_trk_aid=564306069;dc_trk_cid=196904775;ord=1972249495;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
https://ad.doubleclick.net/ddm/trackimpj/N1218305.3134731MEDIASERVICEINTE/B30382929.372962640;dc_pre=CJDayfq4kIEDFXgXtwAdSocDTA;dc_trk_aid=564306069;dc_trk_cid=196904775;ord=1972249495;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1

Request Chain 172

https://ad.doubleclick.net/ddm/trackimpj/N1218305.3134731MEDIASERVICEINTE/B30382929.372962640;dc_trk_aid=564306069;dc_trk_cid=196904775;ord=672650677;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
https://ad.doubleclick.net/ddm/trackimpj/N1218305.3134731MEDIASERVICEINTE/B30382929.372962640;dc_pre=COWSy_q4kIEDFVIW1Qodwg8ORg;dc_trk_aid=564306069;dc_trk_cid=196904775;ord=672650677;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1

Request Chain 285

https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-vgm1t&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&gdpr=0&gdpr_consent=&cb=90906&schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C HTTP 302
https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-vgm1t&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&gdpr=0&gdpr_consent=&cb=90906&schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C&_tur=T

Request Chain 294

https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&gdpr=0&gdpr_consent=&cb=778868&schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C HTTP 302
https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&gdpr=0&gdpr_consent=&cb=778868&schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C&_tur=T

Request Chain 307

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZusSrmjnEKx9u0SrMudZqzS6Qqp9603_ZO5IVSLT

Request Chain 308

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7147641075961760124&gdpr=0&gdpr_consent=

Request Chain 309

https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=11gap694bzwu

Request Chain 310

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FdNkfb85TBe6akUtJwAXjQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 311

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=15D3647D-BF39-4C17-BA6A-452D2700178D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=15D3647D-BF39-4C17-BA6A-452D2700178D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=856cd62a-cc5e-4c78-bb91-4f8524c0cd57%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=63abc881-6622-4257-b82d-9cf12807b118&ttd_puid=856cd62a-cc5e-4c78-bb91-4f8524c0cd57%2C%2C

Request Chain 314

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTVEMzY0N0QtQkYzOS00QzE3LUJBNkEtNDUyRDI3MDAxNzhE&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 315

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEK_qGisUA51NlyRqaYtX8XU&google_cver=1

Request Chain 316

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:31EF1852B459412FA28E95F3DF011E40

Request Chain 318

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=63abc881-6622-4257-b82d-9cf12807b118&gdpr=0&gdpr_consent=

Request Chain 319

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=15D3647D-BF39-4C17-BA6A-452D2700178D&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=15D3647D-BF39-4C17-BA6A-452D2700178D&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_2bBALBE2uUEG4yxIRNSBm4ttpvM4hM-~A&gdpr=0

Request Chain 320

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=528fc541-7a21-468e-865f-9e23c888f546&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=445&user_id=dc7c5309-b517-3cb7-a9d6-60853798150e&ssp=pubmatic&bsw_param=528fc541-7a21-468e-865f-9e23c888f546 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=528fc541-7a21-468e-865f-9e23c888f546&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 328

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid= HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=e7159bf5a3f58b18bdd5ac4325c9c151&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=wa72a_7274871273036226328&gdpr=0&gdpr_consent=null HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZTcxNTliZjVhM2Y1OGIxOGJkZDVhYzQzMjVjOWMxNTE=&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEPMT-4TspV0UCLo6zQJ-9PA&google_cver=1&gdpr=0&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=e7159bf5a3f58b18bdd5ac4325c9c151&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&159=CAESEPMT-4TspV0UCLo6zQJ-9PA&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=wb502_7274871273036299696&gdpr=0&gdpr_consent=null HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=63abc881-6622-4257-b82d-9cf12807b118&gdpr=0&gdpr_consent= HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=e7159bf5a3f58b18bdd5ac4325c9c151&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&892=63abc881-6622-4257-b82d-9cf12807b118&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=wb502_7274871273036299696&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZTcxNTliZjVhM2Y1OGIxOGJkZDVhYzQzMjVjOWMxNTE=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEPMT-4TspV0UCLo6zQJ-9PA&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=e7159bf5a3f58b18bdd5ac4325c9c151&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&159=CAESEPMT-4TspV0UCLo6zQJ-9PA&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=wb502_7274871273036299696&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZTcxNTliZjVhM2Y1OGIxOGJkZDVhYzQzMjVjOWMxNTE=&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEPMT-4TspV0UCLo6zQJ-9PA&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=e7159bf5a3f58b18bdd5ac4325c9c151&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&159=CAESEPMT-4TspV0UCLo6zQJ-9PA&gdpr=0&gdpr_consent= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=wb502_7274871273036299696&gdpr=0&gdpr_consent= HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
https://ads.stickyadstv.com/user-registering?userId=AAH-xE7J6xIAACZMnHlPOA&dataProviderId=817&gdpr=0

Request Chain 332

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZTcxNTliZjVhM2Y1OGIxOGJkZDVhYzQzMjVjOWMxNTE=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 333

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=e7159bf5a3f58b18bdd5ac4325c9c151&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 353

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid= HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=e7159bf5a3f58b18bdd5ac4325c9c151&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&gdpr=0&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=wb502_7274871273036299696&gdpr=0&gdpr_consent=null HTTP 302
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null HTTP 303
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null&_bee_ppp=1

Request Chain 358

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZTcxNTliZjVhM2Y1OGIxOGJkZDVhYzQzMjVjOWMxNTE=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 360

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=e7159bf5a3f58b18bdd5ac4325c9c151&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 368

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=63abc881-6622-4257-b82d-9cf12807b118

Request Chain 369

https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZPWI4MCo8YQAABUX3pUAAAAA

Request Chain 370

https://pr-bh.ybp.yahoo.com/sync/taboola/53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e?gdpr=0&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-abLOtElE2oQt.6ctefeaSiMQMTkZRllcJFHyag--~A

Request Chain 383

https://c1.adform.net/serving/cookie/match?party=14&cid=15D3647D-BF39-4C17-BA6A-452D2700178D&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=15D3647D-BF39-4C17-BA6A-452D2700178D&gdpr=0&gdpr_consent=

Request Chain 384

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 387

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1rkccrr11ast

Request Chain 389

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=7ea09bad1a56419084ffc50b4b79c8b5

Request Chain 390

https://gocm.c.appier.net/pubmatic HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=pwVkXUtyC2emUy-F4Yj1ZA

Request Chain 391

https://idsync.rlcdn.com/420486.gif?partner_uid=15D3647D-BF39-4C17-BA6A-452D2700178D HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDE1RDM2NDdELUJGMzktNEMxNy1CQTZBLTQ1MkQyNzAwMTc4RBAAGg0I4ZHWpwYSBQjoBxAAQgBKAA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=425a967a70c16aa32a1d6d06d33b7f198f25cc03a4bc7a47acfa89557be3397d791426b5417dce21&_=2

Request Chain 392

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3865059720704164642

Request Chain 393

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3168133558669807420&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 394

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=15D3647D-BF39-4C17-BA6A-452D2700178D&gdpr=0&gdpr_consent= HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3040eca01acc24c6&is_secure=true&networkId=17100&version=1&nuid=15D3647D-BF39-4C17-BA6A-452D2700178D&gdpr=0&gdpr_consent=

Request Chain 395

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=63abc881-6622-4257-b82d-9cf12807b118

Request Chain 396

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtaboola%26bsw_param%3D528fc541-7a21-468e-865f-9e23c888f546%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=354&user_id=efd28a24367847c8a0252af837479321&ssp=taboola&bsw_param=528fc541-7a21-468e-865f-9e23c888f546&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=528fc541-7a21-468e-865f-9e23c888f546&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 399

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LM4KHXZC-V-BP7U HTTP 302
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LM4KHXZC-V-BP7U&gdpr=0&us_privacy=1---

Request Chain 400

https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZPWI4MCo8YQAABUX3pUAAAAA

Request Chain 401

https://ih.adscale.de/su?gdpr=1&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__ HTTP 302
https://ih.adscale.de/su?gdpr=1&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=d8bdc3959a8949d8a5438bb133afd9d8 HTTP 302
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=d8bdc3959a8949d8a5438bb133afd9d8

Request Chain 403

https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LM4KHXZC-V-BP7U

Request Chain 404

https://pr-bh.ybp.yahoo.com/sync/taboola/53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e?gdpr=1&gdpr_consent=&us_privacy= HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-abLOtElE2oQt.6ctefeaSiMQMTkZRllcJFHyag--~A

Request Chain 405

https://trace.mediago.io/ju/cs/taboola HTTP 302
https://trace.popin.cc/ju/cs/taboola HTTP 302
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=b08c8ff10c70bb4a37dd9d26d5f0194b

Request Chain 406

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGguzLeydtEr5rnOd988Ers&google_cver=1

Request Chain 408

https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D1%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=1&gdpr_consent=&google_hm=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e

Request Chain 409

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=63abc881-6622-4257-b82d-9cf12807b118

Request Chain 416

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f4146a47-297d-479a-9a74-9507f879dc51 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f4146a47-297d-479a-9a74-9507f879dc51&tbid=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e&query=taboola_hm%3Df4146a47-297d-479a-9a74-9507f879dc51&isDirect=0

Request Chain 419

https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=omRSH4PIUmF4MKHm3eZuK9E6osY

Request Chain 433

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rvyUY90rR9my8bvJCmN0HA&rk=usync-other&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rvyUY90rR9my8bvJCmN0HA&gdpr=0

Request Chain 434

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGVkOTM3OGVjZWVkODgxNWQ4MDcwMTRmMmVjZTBlMjI0ZWY4YzkyYw&gdpr=0&us_privacy=1---

Request Chain 435

https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM4KHXZC-V-BP7U&gdpr=0&us_privacy=1---

Request Chain 436

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=w-iqD6xERea0QcyZD6mIlw&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=w-iqD6xERea0QcyZD6mIlw&gdpr=0

Request Chain 437

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEL0TXwTBG29n_TqZVBTkkTw&google_cver=1

Request Chain 438

https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE00S0hYWkMtVi1CUDdV&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEGmBxIMYXPTC_AaQAxVKwr4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE00S0hYWkMtVi1CUDdV&google_push=&gdpr=0

Request Chain 439

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/bWOVPFQNn0tC5-vvLxitRw?csrc=&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-PKanEQxE2oLeVVVUjek5adaWvvieQcD7z2civA--~A

Request Chain 440

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=63abc881-6622-4257-b82d-9cf12807b118&gdpr=0&gdpr_consent=&expires=30

Request Chain 478

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:8w2sC0I21QD47W5&gdpr=0&gdpr_consent=

Request Chain 479

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7147641075961760124

466 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml Show response
gq.globo.com/tecnologia/noticia/2023/08/ 451 KB
102 KB 1536ms
468ms Document
text/html 201.7.177.252
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

201.7.177.252 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

789ce7e79e93307b20feb98fd7c5eaab420173801fe551cd015e301d9e1550fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=10
content-encoding: gzip
content-length: 104173
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 04 Sep 2023 07:35:46 GMT
expires: Mon, 04 Sep 2023 07:35:56 GMT
show-page-version: 0
vary: X-Forwarded-Proto, User-Agent, Accept-Encoding
via: 2.0 CachOS
wall-blocked-session: 0
wall-subscription-level: 0
wall-usl-status
x-bip: 19941486 cmad07lx22ca03.globoi.com
x-cache-status: MISS
x-content-type-options: nosniff
x-location-rule: ghtml
x-mobile: desktop
x-request-id: ed483757-c63c-48c2-a4a0-e9ccf471d266
x-served-from: rpaas-multi-domain-edg3-prod, Show Services GCP
x-thanos: 0A82BC0C
x-virtual-host: gq.globo.com
x-xss-protection: 1; mode=block

GET
H2 200 bold.woff2
s3.glbimg.com/cdn/fonts/opensans/ 10 KB
11 KB 2102ms
346ms Font
application/octet-stream 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/opensans/bold.woff2
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b

Request headers

Referer: https://gq.globo.com/
Origin: https://gq.globo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:48 GMT
x-openstack-request-id: txbcbcf730e00b4ae3b84fc-00645a963c
last-modified: Tue, 25 Jun 2019 17:35:22 GMT
x-thanos: 0A815002
etag: 8593a5a07cf620d4512fcb71cbcd07a6
vary: Accept-Encoding, Origin
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1561484121.35690
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 10284
x-trans-id: txbcbcf730e00b4ae3b84fc-00645a963c
x-request-id: fb2b43b3-9d41-400d-b908-3d5eeb9e6721

GET
H2 200 semibold.woff2
s3.glbimg.com/cdn/fonts/opensans/ 16 KB
16 KB 2448ms
692ms Font
application/font-woff2 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/opensans/semibold.woff2
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca

Request headers

Referer: https://gq.globo.com/
Origin: https://gq.globo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:48 GMT
x-openstack-request-id: tx02815501874a409aac103-00645a963c
last-modified: Tue, 25 Jun 2019 17:36:47 GMT
x-thanos: 0A815002
etag: 365c53275ca5dad1584b7e0bd3a46c1e
vary: Accept-Encoding, Origin
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1561484206.27623
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 16172
x-trans-id: tx02815501874a409aac103-00645a963c
x-request-id: c4d5964d-cc3c-465b-9689-5029fb0712b9

GET
H2 200 regular.woff2
s3.glbimg.com/cdn/fonts/opensans/ 10 KB
11 KB 2793ms
1038ms Font
application/octet-stream 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/opensans/regular.woff2
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Request headers

Referer: https://gq.globo.com/
Origin: https://gq.globo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:48 GMT
x-openstack-request-id: tx5f5c04a4bb6e412f84003-00645a963c
last-modified: Tue, 25 Jun 2019 17:36:35 GMT
x-thanos: 0A815002
etag: 4124088fdd8c315a6d096b65b6cbf428
vary: Accept-Encoding, Origin
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1561484194.26376
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 10352
x-trans-id: tx5f5c04a4bb6e412f84003-00645a963c
x-request-id: a529db33-b907-48a7-801e-9c8cb7426945

GET
H2 200 light.woff2
s3.glbimg.com/cdn/fonts/opensans/ 10 KB
10 KB 2446ms
692ms Font
application/octet-stream 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/opensans/light.woff2
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8

Request headers

Referer: https://gq.globo.com/
Origin: https://gq.globo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:48 GMT
x-openstack-request-id: tx59c5700890bc414e8918f-00645a963c
last-modified: Tue, 25 Jun 2019 17:36:08 GMT
x-thanos: 0A815002
etag: 98b6233d6ac91b3538d60fee0ce3393b
vary: Accept-Encoding, Origin
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1561484167.30297
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 10200
x-trans-id: tx59c5700890bc414e8918f-00645a963c
x-request-id: 5726110c-4bc0-4ddb-b7a2-29f48a0da096

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
72 KB 29ms
8ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a303bdbfce6897ec74ce030b85480f417f9e17804f7a19b8f2a90feff115b94f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 07:35:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72923
x-xss-protection: 0
server: sffe
etag: "8f05ddb4de6114d6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 04 Sep 2023 07:35:46 GMT

GET
H2 200 lib-pub-relay-gq-latest.js Show response
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/gq/prod/ 2 KB
1 KB 1794ms
356ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/gq/prod/lib-pub-relay-gq-latest.js
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 2fba4b98ccf67203f312371d0f0e4bbab645ccaea30d9cc90a80f0daefe1bfa5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:48 GMT
content-encoding: gzip
x-openstack-request-id: tx018a1f2cf9b0434691229-0064f588ab
last-modified: Fri, 18 Aug 2023 21:17:37 GMT
x-thanos: 0A833014
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1692392188.000000
content-type: application/javascript
x-timestamp: 1692393456.28181
cache-control: public, max-age=180
x-trans-id: tx018a1f2cf9b0434691229-0064f588ab
x-request-id: b547165f-4ef0-4bcf-8b7d-5a7bd8942868

GET
H2 200 amp-social-share-0.1.js Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 17ms
14ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-social-share-0.1.js

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dc118c68570ac106df5c43e5588c5b94d18caf4aa9e4d8d52792037cc16b980

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 07:35:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4778
x-xss-protection: 0
server: sffe
etag: "3b7d847d5c21773c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 04 Sep 2023 07:35:47 GMT

GET
H2 200 amp-timeago-0.1.js Show response
cdn.ampproject.org/v0/ 37 KB
9 KB 12ms
9ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-timeago-0.1.js

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

882ff7936c470295eb10d1483cafddfe87d7a790be68aa8078b8785079ffb655

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 07:35:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9141
x-xss-protection: 0
server: sffe
etag: "d0d3e035b79a756e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 04 Sep 2023 07:35:47 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/v0/ 7 KB
3 KB 14ms
12ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-fit-text-0.1.js

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0348978a435efe42a3f0032226082bc4aedb9c569a9f387e8843a468c455c189

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 07:35:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2507
x-xss-protection: 0
server: sffe
etag: "1b33f8c072686442"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 04 Sep 2023 07:35:47 GMT

GET
H2 200 amp-bind-0.1.js Show response
cdn.ampproject.org/v0/ 50 KB
16 KB 22ms
20ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-bind-0.1.js

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e34949d51114d9e8d6d04ffaf480d2aecc5bf938b184ed034fee5b5840be1004

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 07:35:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16372
x-xss-protection: 0
server: sffe
etag: "434defc971651e85"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 04 Sep 2023 07:35:47 GMT

GET
H2 200 amp-lightbox-gallery-0.1.js Show response
cdn.ampproject.org/v0/ 65 KB
19 KB 18ms
16ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-lightbox-gallery-0.1.js

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0820a07e64f387b7ec526ac89a5556fb35fa95984a7144b242d482fdadf4052

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 07:35:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19060
x-xss-protection: 0
server: sffe
etag: "0385cac339f9762d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 04 Sep 2023 07:35:47 GMT

GET
H2 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 38 KB
11 KB 18ms
17ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

740a8b09cd975645126867407e5fe191e2c777b5bcadf5a5d1e0a375c9ce398d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 07:35:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11511
x-xss-protection: 0
server: sffe
etag: "3c50afadbd34f735"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 04 Sep 2023 07:35:47 GMT

GET
H2 200 amp-video-0.1.js Show response
cdn.ampproject.org/v0/ 52 KB
16 KB 22ms
21ms Script
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-video-0.1.js

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00306ed1a76f9baacca87d4b61310bd37f23399c65fb3e8a0636a9373ac72a51

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 07:35:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15906
x-xss-protection: 0
server: sffe
etag: "218eef37f683efff"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 04 Sep 2023 07:35:47 GMT

GET
H2 200 barra-globocom.min.css
barra.globo.com/gl/ba/oidcprodutos/css/ 22 KB
5 KB 1575ms
549ms Stylesheet
text/css 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://barra.globo.com/gl/ba/oidcprodutos/css/barra-globocom.min.css

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

d01b2cf5b15e8ea0ef57c0ccc66a390b354d8dbc11410035fb73eb12ab3ee514

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-location-rule: barra-legado
date: Mon, 04 Sep 2023 07:35:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 2.0 CachOS
x-bip: 113412906 cmah10lx31ca01.globoi.com
age: 196
x-cache-status: HIT
x-goog-meta-x-goog-reserved-source-generation: 1669739324870000
content-length: 4317
x-xss-protection: 1; mode=block
x-request-id: f25ed46e-222f-486f-9562-27d5ed1cd113
last-modified: Fri, 02 Jun 2023 19:14:58 GMT
x-thanos: 0A835C22
etag: W/"c580509368f67b01edaa2d4f8057bbbe"
vary: Accept-Encoding, Origin
x-served-from: estaticos-gcp-prod
content-type: text/css; charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Mon, 04 Sep 2023 07:37:32 GMT

GET
H2 200 bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js Show response
s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/ 220 KB
77 KB 1461ms
392ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: da417b10878ef530228ad8bf0950fbb2cb5471a51aea7491d508af71ba394f09

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:48 GMT
content-encoding: gzip
x-openstack-request-id: tx3687c5d962724e7ea696f-0064d27c1a
last-modified: Tue, 08 Aug 2023 17:32:03 GMT
x-thanos: 0A833014
vary: Accept-Encoding, Origin
content-type: application/javascript
x-timestamp: 1691515922.84841
cache-control: public, max-age=2592000
x-trans-id: tx3687c5d962724e7ea696f-0064d27c1a
x-request-id: 1e56f162-0076-49e5-b699-a75438adbf1c

GET
H2 200 api.min.js Show response
p.glbimg.com/api/stable/ 42 KB
13 KB 1619ms
563ms Script
text/javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://p.glbimg.com/api/stable/api.min.js

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

171a128c043d930abdd29b98c54e26baa4c852db3404d78b948fe0ff948a4a19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-location-rule: barra-gcs
date: Mon, 04 Sep 2023 07:35:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 2.0 CachOS
x-bip: 21597354 cmah10lx33ca02.globoi.com
age: 48808
x-cache-status: HIT
content-length: 12654
x-xss-protection: 1; mode=block
x-request-id: 335c0487-2720-430e-9975-5ddb79ccd85e
last-modified: Tue, 03 Jan 2023 00:49:51 GMT
x-thanos: 0A835C26
etag: W/"d82e539ab2fdc0f51354d1f15969ebbe"
vary: Accept-Encoding, Origin
x-served-from: estaticos-gcp-prod
content-type: text/javascript; charset=utf-8
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Mon, 04 Sep 2023 18:02:20 GMT

GET
H2 200 gq-international-reverse.png
s2-gq.glbimg.com/-1t4SXRVp61_7FD-tVhRoVMBFEE=/68x35/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_infoglobo-custom-footer/bs/2023/u/K/OYFN4JT7CK14EtLTs... 1 KB
2 KB 2514ms
547ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-gq.glbimg.com/-1t4SXRVp61_7FD-tVhRoVMBFEE=/68x35/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_infoglobo-custom-footer/bs/2023/u/K/OYFN4JT7CK14EtLTszBQ/gq-international-reverse.png
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: bb83da6a830491ce17a79a0553a6b39c6c9b50a74292751f38d9c2050ed50d82

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:49 GMT
via: 2.0 CachOS
x-bip: 182338875 ah22 41 02
age: 628674
x-cache-server: thumbor/nginx-cache
content-length: 1160
x-cached: MISS
x-request-id: 21cd94a2-4981-44c3-80c5-b4d57db8fff0
x-forwarded-host: s2-gq.glbimg.com
x-thanos: 0A841C08
etag: "30a79dd6d12491f3a5d269209de55da41fab0124"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 27 Sep 2023 00:57:55 GMT

GET
H2 200 jquery.min.js Show response
s3.glbimg.com/cdn/libs/jquery/1.8.3/ 91 KB
38 KB 845ms
845ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/libs/jquery/1.8.3/jquery.min.js?
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Referer: https://gq.globo.com/
Origin: https://gq.globo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:48 GMT
content-encoding: gzip
x-openstack-request-id: tx80d7a7e971bb4db6b5416-00645a964b
last-modified: Tue, 09 Oct 2018 19:06:54 GMT
x-thanos: 0A815002
vary: Accept-Encoding, Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1539112013.52960
cache-control: max-age=31536000
x-trans-id: tx80d7a7e971bb4db6b5416-00645a964b
x-request-id: 6e34f4df-3359-4896-ae29-5acb4fc6a870

GET
H2 200 audima-widget.js Show response
audio4.audima.co/ 327 KB
101 KB 331ms
273ms Script
application/javascript 2606:4700:3032::6815:1d69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audio4.audima.co/audima-widget.js
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:3032::6815:1d69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5149c980f56d9eae4887f58e4ef6bb1eef5d857e7630cba469bb2e0d39a6b187

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Sep 2023 07:35:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 01 Sep 2023 16:40:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64f21403-51a7d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pRNFTEHeneQ3c350czNKsH08FiiCVvw3OMUiaMX50PqYdxfSX2G4a1RIiXJM4i2M61zLl5HQziYeG62Rx%2FOULuWoNl2dva9Te1V63RDZMAheVZl%2BosUUKbI90ZxLrIz8Cj7F4aQJsQlIk7VfBJwc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 80148ecbd87e01f6-SIN
expires: Mon, 04 Sep 2023 11:32:45 GMT

GET
H2 200 d2bdc2678d18edab60e99f79608e5acb.js Show response
s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/ 307 KB
105 KB 843ms
842ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d2bdc2678d18edab60e99f79608e5acb.js
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: b61bf93d50349432fb3b57e3c151d695f7db2a8ee95f50089ccf0e13ebd77c42

Request headers

Referer: https://gq.globo.com/
Origin: https://gq.globo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:48 GMT
content-encoding: gzip
x-openstack-request-id: tx57079d9185a7407fb9bfe-0064f2162d
content-length: 107331
x-trans-id: tx57079d9185a7407fb9bfe-0064f2162d
x-request-id: 6b8e16a3-bbd7-43a2-b6ec-96bc10c4fdf3
last-modified: Mon, 14 Aug 2023 18:36:16 GMT
x-thanos: 0A815002
etag: 7f21a1b0490936574fdcd09c8967e0b0
vary: Accept-Encoding, Origin
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: x-object-meta-cache-control, content-language, cache-control, expires, last-modified, etag, x-timestamp, pragma, x-trans-id, x-container-meta-cache-control, content-type, x-openstack-request-id, authorization
x-timestamp: 1692038175.85048
cache-control: public, max-age=604800
accept-ranges: bytes

GET
H2 200 bold.woff2
s3.glbimg.com/cdn/fonts/proximanova/ 16 KB
17 KB 833ms
832ms Font
application/font-woff2 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/proximanova/bold.woff2
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 1c28a454e868aaaea5b4d03ecf9355cf8d3bec3ae3d712e08b3c2449c511808c

Request headers

Referer: https://gq.globo.com/
Origin: https://gq.globo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:48 GMT
x-openstack-request-id: tx134939560df14a40935ce-00645a963c
last-modified: Tue, 25 Jun 2019 17:42:05 GMT
x-thanos: 0A815002
etag: 632fbe1616a34ab6f309b0ad0f544268
vary: Accept-Encoding, Origin
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1561484524.79547
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 16880
x-trans-id: tx134939560df14a40935ce-00645a963c
x-request-id: b8bfa570-b520-4992-b0d5-5371173c3bfe

GET
DATA 200
OK truncated
/ 727 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3945a98e43cd2167bfa9e8385ffa54335b9a393fa66af78f9b9deba11bd87470

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 738 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03bd05cfb6d0789c54678927cfbd8d3ab3c9b721cee69b3dec80dc9c521149dc

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f1e7751de7211682870afa390d8383cddbf7845eb9d83b700752bc26602a782

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 bastian-20230853106938e97a07e2056f5ffed36520e9.rest.css
s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/ 31 KB
8 KB 1014ms
1014ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-20230853106938e97a07e2056f5ffed36520e9.rest.css
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 71c61f2dfa7f304323163478fe9e1bc1cfe3910382a43142b55f61be5af8c670

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:49 GMT
content-encoding: gzip
x-openstack-request-id: tx8391dfe334024e2ab736c-0064f0a559
last-modified: Tue, 08 Aug 2023 17:32:01 GMT
x-thanos: 0A833014
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1691515920.59004
cache-control: public, max-age=2592000
x-trans-id: tx8391dfe334024e2ab736c-0064f0a559
x-request-id: 7e00f363-86e7-44b9-a5be-196d7bc493fe

GET
H2 200 2022-02-15-gettyimages-521761442.jpeg
s2-gq.glbimg.com/yIH4xb26DDKmGfoZTBmaKg4qP6g=/0x0:5524x3651/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/N/u/kvAUjKQfCeGHg7BuVILg/ 43 KB
43 KB 1182ms
548ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-gq.glbimg.com/yIH4xb26DDKmGfoZTBmaKg4qP6g=/0x0:5524x3651/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/N/u/kvAUjKQfCeGHg7BuVILg/2022-02-15-gettyimages-521761442.jpeg
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: f3de46bf8b430f4547d5bd790c59d895f6be21f82807552ee2a3a12a258925ca

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:49 GMT
via: 2.0 CachOS
x-bip: 182131492 ah22 41 02
age: 232724
x-cache-server: thumbor/nginx-cache
content-length: 43836
x-cached: MISS
x-request-id: b35c58c3-b75d-4f04-aa27-e48167ad012d
x-forwarded-host: s2-gq.glbimg.com
x-thanos: 0A841C08
etag: "12c04c75ab9fd4f0e963a74847403cbbfb7afe73"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sun, 01 Oct 2023 14:57:04 GMT

GET
H2 200 3da2ec661356837f26b0c70d971ebf4e.css
s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/ 3 KB
2 KB 750ms
750ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/3da2ec661356837f26b0c70d971ebf4e.css
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: b38a557c76e0f42026c5a9ebbd48a48b46366b8ac11fc020219b8591c493f3f9

Request headers

Referer: https://gq.globo.com/
Origin: https://gq.globo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:49 GMT
content-encoding: gzip
x-openstack-request-id: txf82acd3f03524f64a08a8-0064ee4882
content-length: 1165
x-trans-id: txf82acd3f03524f64a08a8-0064ee4882
x-request-id: def4b239-1fc6-45d4-b717-bc4e6feb6ebb
last-modified: Tue, 07 Mar 2023 21:05:30 GMT
x-thanos: 0A815002
etag: 04e1ac8689f105558a1365cc12bbd34e
vary: Accept-Encoding, Origin
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: x-object-meta-cache-control, content-language, cache-control, expires, last-modified, etag, x-timestamp, pragma, x-trans-id, x-container-meta-cache-control, content-type, x-openstack-request-id, authorization
x-timestamp: 1678223129.48732
cache-control: public, max-age=604800
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 436 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93f45bd0df53776d65c03af696f72e8857a3049863b07852ba2998ecce3160a3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 507 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2faeb72dc6c6dd034ad0fe3a1326105213eb42cc9fdde9560f645ee2dd1c4c2c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 opensans-light-webfont.woff
s.glbimg.com/gl/ba/fonts/ 20 KB
20 KB 1243ms
545ms Font
font/woff 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/gl/ba/fonts/opensans-light-webfont.woff

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

dea42e0f179347a75dd9fa41636bd1fa1ae92397bcde89a1389eeb8c0ace0fca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gq.globo.com/
Origin: https://gq.globo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-location-rule: barra-legado
date: Mon, 04 Sep 2023 07:35:49 GMT
via: 2.0 CachOS
x-content-type-options: nosniff
x-bip: 50970739 cmah17lx26ca01.globoi.com
age: 0
x-cache-status: HIT
x-goog-meta-x-goog-reserved-source-generation: 1669739323813245
content-length: 20184
x-xss-protection: 1; mode=block
x-request-id: af9af4d5-3df1-4e31-ae54-e54cba2ae862
last-modified: Thu, 04 May 2023 18:56:24 GMT
x-thanos: 0A865C03
etag: "d6cc1c50b230a5c61bb684e07f3e0e98"
vary: Origin
x-served-from: estaticos-gcp-prod
content-type: font/woff
access-control-allow-origin: https://gq.globo.com
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Mon, 04 Sep 2023 07:40:49 GMT

GET
H2 200 barra-globocom.min.js Show response
s.glbimg.com/gl/ba/js/ 32 KB
11 KB 436ms
431ms Script
text/javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/gl/ba/js/barra-globocom.min.js

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

b81ad1210bf4276e2651563c487f1116410f97232fcf37a85c09dffa25edda2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-location-rule: barra-legado
date: Mon, 04 Sep 2023 07:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 2.0 CachOS
x-bip: 17954980 cmah10lx33ca02.globoi.com
age: 181
x-cache-status: HIT
x-goog-meta-x-goog-reserved-source-generation: 1669739323699742
content-length: 10597
x-xss-protection: 1; mode=block
x-request-id: 12335239-1df0-4695-ab08-9bc99fe8e034
last-modified: Thu, 04 May 2023 18:56:23 GMT
x-thanos: 0A835C26
etag: W/"1af9514851ffe9f801c5468a9d1206ac"
vary: Accept-Encoding, Origin
x-served-from: estaticos-gcp-prod
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Mon, 04 Sep 2023 07:37:47 GMT

GET
DATA 200
OK truncated
/ 203 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62023892994a076b2eca66194011febfcc294b8cd41084bd243bd97492f1c365

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 204 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a5fb71968c62c1e84aebf36c57c13a32cd43d2962a231708a5b0f8a1273d95ab

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 lib-pub-core-gq-latest.js Show response
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/gq/prod/ 55 KB
15 KB 916ms
916ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/gq/prod/lib-pub-core-gq-latest.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/gq/prod/lib-pub-relay-gq-latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 6dcc223e45eab6e42437ce26ac3fa2779937555988c1d63f5c345542e195a8e4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:49 GMT
content-encoding: gzip
x-openstack-request-id: tx8a4a652a93df439681e72-0064f588d5
last-modified: Wed, 30 Aug 2023 14:54:53 GMT
x-thanos: 0A833014
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1693406782.000000
content-type: application/javascript
x-timestamp: 1693407292.25538
cache-control: public, max-age=180
x-trans-id: tx8a4a652a93df439681e72-0064f588d5
x-request-id: ff9338c1-4b36-4353-9e1b-2238b006950c

GET
H2 200 settings.min.js Show response
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/ 3 KB
2 KB 574ms
573ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/settings/stable/settings.min.js
Requested by: Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 8e1abad13842cfce1f10ec038a49780b0c8889d90f314fd084e946536e043f1c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:49 GMT
content-encoding: gzip
x-openstack-request-id: tx5e657b57797e4567b9f9c-0064f588d5
last-modified: Sat, 02 Sep 2023 17:44:45 GMT
x-thanos: 0A833014
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1693675470.000000
content-type: application/javascript
x-timestamp: 1693676684.90264
cache-control: public, max-age=
x-trans-id: tx5e657b57797e4567b9f9c-0064f588d5
x-request-id: 88218f58-5d77-46c7-a7b0-276d3fe19283

GET
H2 200 horizon-client-js.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 11 KB
4 KB 576ms
576ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-client-js.min.js
Requested by: Host: s.glbimg.com
URL: https://s.glbimg.com/gl/ba/js/barra-globocom.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:49 GMT
content-encoding: gzip
x-openstack-request-id: tx20f2de1ac73c4d3b8c854-0064f5872a
last-modified: Fri, 13 Nov 2020 17:21:38 GMT
x-thanos: 0A833014
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1605288097.88717
cache-control: public, max-age=600
x-trans-id: tx20f2de1ac73c4d3b8c854-0064f5872a
x-request-id: 31b8a731-4323-4e79-90e4-2f1194424315

GET
H2 200 glb-pv-min.js Show response
s.glbimg.com/bu/rt/js/ 2 KB
1 KB 356ms
356ms Script
text/javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/bu/rt/js/glb-pv-min.js

Requested by

Host: s.glbimg.com
URL: https://s.glbimg.com/gl/ba/js/barra-globocom.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-location-rule: barra-gcs
date: Mon, 04 Sep 2023 07:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 2.0 CachOS
x-bip: 17954985 cmah10lx33ca02.globoi.com
age: 48809
x-cache-status: HIT
content-length: 945
x-xss-protection: 1; mode=block
x-request-id: 0b0208c5-357b-453a-8de8-92d0e9a9bed9
last-modified: Fri, 11 Nov 2022 21:36:41 GMT
x-thanos: 0A835C26
etag: W/"aaaef25ae81d7253ced007ce6451d65e"
vary: Accept-Encoding, Origin
x-served-from: estaticos-gcp-prod
content-type: text/javascript; charset=utf-8
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Mon, 04 Sep 2023 18:02:20 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6035227/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
383 B

138ms
138ms

Script
application/javascript

3.160.188.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Server: 3.160.188.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-188-50.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 02:00:33 GMT
via: 1.1 56b03146829c02df871975da5cf2300e.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:48:48 GMT
server: AmazonS3
x-amz-cf-pop: MRS52-P5
age: 20118
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 0
x-amz-cf-id: Jxm9eq6lRI9wtgNimGPu6Y2CTysb7BfE8eUK4Cc3b4wrcBRIGfnyNQ==

Redirect headers

date: Mon, 04 Sep 2023 07:35:49 GMT
via: 1.1 56b03146829c02df871975da5cf2300e.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: MRS52-P5
x-cache: Miss from cloudfront
location: /internal-c2/default/cs.js
content-length: 0
x-amz-cf-id: KbNaZcdfAilES3b8IE7Z3wBzpxm1mRvyMvds0OSivoCVKhV2V519CQ==

GET
H2 200 logo_globoplay.svg
s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/logos/globoplay/ 5 KB
2 KB 582ms
582ms Image
image/svg+xml 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.glbimg.com/v1/AUTH_ba8e460c944543468c3c80cb9675751f/logos/globoplay/logo_globoplay.svg
Requested by: Host: barra.globo.com
URL: https://barra.globo.com/gl/ba/oidcprodutos/css/barra-globocom.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: c637bc70cc671cda4cc4885f7b5f53537f9ded298f7ddcb6a784ca244606f0ea

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://barra.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:49 GMT
content-encoding: gzip
x-openstack-request-id: tx94489aea7dce4b3eab62f-0064f588b8
last-modified: Mon, 17 Oct 2022 13:20:36 GMT
x-thanos: 0A833014
vary: Accept-Encoding, Origin
content-type: image/svg+xml
x-timestamp: 1666012835.41302
cache-control: public, max-age=180
x-trans-id: tx94489aea7dce4b3eab62f-0064f588b8
x-request-id: 5f0186d3-8224-4b76-94f7-049adb125cf6

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=6035227&ns__t=1693812949518&ns_c=UTF-8&c8=Especialista%20aponta%20brecha%20de%20seguran%C3%A7a%20em%20site%20de%20acompanhante%2C%20que%20nega%20vazamento...
https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1693812949518&ns_c=UTF-8&c8=Especialista%20aponta%20brecha%20de%20seguran%C3%A7a%20em%20site%20de%20acompanhante%2C%20que%20nega%20vazament...

43 B
299 B

153ms
153ms

Image
image/gif

3.160.188.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=6035227&ns__t=1693812949518&ns_c=UTF-8&c8=Especialista%20aponta%20brecha%20de%20seguran%C3%A7a%20em%20site%20de%20acompanhante%2C%20que%20nega%20vazamento%20de%20dados%20%7C%20Tecnologia%20%7C%20GQ&c7=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&c9=
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Server: 3.160.188.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-188-50.mrs52.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
via: 1.1 56b03146829c02df871975da5cf2300e.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: MRS52-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: LTgJV7G3aQZJTBdtBtuFirw10UF_RqlGa_EDXlcHJkHiH5h-Zqg7MQ==

Redirect headers

date: Mon, 04 Sep 2023 07:35:49 GMT
via: 1.1 56b03146829c02df871975da5cf2300e.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: MRS52-P5
x-cache: Miss from cloudfront
location: /p2?c1=2&c2=6035227&ns__t=1693812949518&ns_c=UTF-8&c8=Especialista%20aponta%20brecha%20de%20seguran%C3%A7a%20em%20site%20de%20acompanhante%2C%20que%20nega%20vazamento%20de%20dados%20%7C%20Tecnologia%20%7C%20GQ&c7=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&c9=
content-length: 0
x-amz-cf-id: MixEcuea2Yf1UcMjU81ZrKNxrdj4F1_NY4JtG62JF-7MqzcPzefFzA==

GET
H2 200 bold-webfont.woff2
s3.glbimg.com/cdn/fonts/proximanova/ 20 KB
21 KB 348ms
347ms Font
application/octet-stream 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/fonts/proximanova/bold-webfont.woff2
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: f40f5aae5f579b100046297556b20241064b7df6f453768a2c45448b99faf40d

Request headers

Referer: https://gq.globo.com/
Origin: https://gq.globo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
x-openstack-request-id: tx0a395828295241ad86f2f-00645a9e65
last-modified: Tue, 25 Jun 2019 17:41:50 GMT
x-thanos: 0A815002
etag: 41d742c099d20517e060c4cd172c8891
vary: Accept-Encoding, Origin
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: x-trans-id, content-language, expires, last-modified, etag, x-timestamp, pragma, cache-control, content-type, x-openstack-request-id
x-timestamp: 1561484509.26263
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20968
x-trans-id: tx0a395828295241ad86f2f-00645a9e65
x-request-id: f2c1387f-6c9f-4223-ba7a-c14841fbd077

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 105 KB
30 KB 33ms
16ms Script
text/javascript 2404:6800:4003:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/gq/prod/lib-pub-core-gq-latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ef04f2dcc40da8bb147890b9aad96226424b5fbf884b5eae0d1e1c64654f5ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29926
x-xss-protection: 0
server: cafe
etag: 454 / 19604 / m202308290101 / config-hash: 15830000896466728742
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Sep 2023 07:35:50 GMT

GET
H2 200 15688_gq.js Show response
ads.rubiconproject.com/prebid/ 385 KB
120 KB 1015ms
909ms Script
text/javascript 23.76.212.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/gq/prod/lib-pub-core-gq-latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.76.212.194 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-76-212-194.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a5471d394e2b47b6aceb8d55414db8f4e4a8ca6a5a75a93fd06687d742ffc106

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:51 GMT
content-encoding: gzip
last-modified: Mon, 04 Sep 2023 06:40:43 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
expires: Mon, 04 Sep 2023 11:35:51 GMT

GET
H2 200 publicidade.css
s3.glbimg.com/v1/AUTH_b3eff1d540ba48dd8558daf4d094c778/assets/ 4 KB
1 KB 357ms
357ms Stylesheet
text/css 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_b3eff1d540ba48dd8558daf4d094c778/assets/publicidade.css
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-core/gq/prod/lib-pub-core-gq-latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 4e5a8df78e43e83e6ca4b7af38833a508483d29e3c5332b7dc19a0ac9b27c692

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
content-encoding: gzip
x-openstack-request-id: tx084929afb79247b09ade2-0064f5888a
last-modified: Tue, 12 Feb 2019 18:01:54 GMT
x-thanos: 0A833014
vary: Accept-Encoding, Origin
content-type: text/css
x-timestamp: 1549994513.97827
cache-control: public, max-age=180
x-trans-id: tx084929afb79247b09ade2-0064f5888a
x-request-id: 75058013-d8f8-447a-b254-0721dc65509b

GET
H2 200 horizon-pageview
horizon.globo.com/auth-session/activity/gq/ 0
322 B 836ms
225ms Image
text/plain 35.211.79.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://horizon.globo.com/auth-session/activity/gq/horizon-pageview?object=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&Referrer=&tags=&client_version=0.3.11

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.211.79.33 North Charleston, United States, ASN15169 (GOOGLE, US),

Reverse DNS

33.79.211.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
strict-transport-security: max-age=60
content-length: 0
x-served-from: hzt-tsuru
content-type: text/plain; charset=UTF-8

GET
H2 200 selected-alternatives Show response
globo-ab.globo.com/v2/ 294 B
831 B 976ms
321ms Fetch
application/json 34.95.229.88
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://globo-ab.globo.com/v2/selected-alternatives?experiments=player-isolated-experiment-02&skipImpressions=true

Requested by

Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.95.229.88 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

88.229.95.34.bc.googleusercontent.com

Software

Resource Hash

e388b4953e682ffd744b7b23a8a59007339b0666518ab3f5dc92d8385d7be56a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
strict-transport-security: max-age=300; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://gq.globo.com
access-control-allow-credentials: true
trace-id: b08ea11607689542
access-control-allow-headers: user,User-Agent,Content-Type,GLBUID,GLBID,GLBEXP,x-client-user-agent,x-client-version,x-device-id,x-platform-id,x-canonical-uri,GLOBO_ID

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/ 403 KB
127 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c00::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2394d12e4577671d6d8a98826b3712c6c321b2d3fdc67d335ee329415631cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 19:41:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42858
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129682
x-xss-protection: 0
server: cafe
etag: 12917394590533080382
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 02 Sep 2024 19:41:32 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 18ms
3ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 12:25:46 GMT
content-encoding: gzip
age: 673804
x-guploader-uploadid: ADPycdvCS3RucLpjDHLNHpg58jikxCb8UFh7PEMfWMv00CpaPIhLhdyZDz37ilmUQz8lws3yaOHfC9mpE9XnNZ9GIqgiCw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Mon, 26 Aug 2024 12:25:46 GMT

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 350ms
333ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: d72fc4a8b6f882b03486ab488b28bf1b
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 22ms
6ms Script
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-aa04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 05 Sep 2023 07:35:50 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 40 KB
9 KB 35ms
10ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 04 Aug 2023 18:38:49 GMT
server: cloudflare
age: 313274
etag: W/"64cd45b9-a13f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 80148edafd3e4dc2-SIN
expires: Thu, 07 Sep 2023 07:35:50 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
896 B 531ms
178ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 04 Sep 2023 07:35:50 GMT
x-content-type-options: nosniff
content-encoding: br
age: 29722
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-maa10229-MAA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 474ms
158ms Script
text/javascript 54.230.112.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.112.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-112-53.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 15:55:11 GMT
content-encoding: gzip
via: 1.1 9e5eaf10e1b26eb584408c32359e19b8.cloudfront.net (CloudFront)
last-modified: Tue, 22 Aug 2023 15:52:21 GMT
server: AmazonS3
x-amz-cf-pop: MRS52-C1
age: 56440
x-amz-server-side-encryption: AES256
etag: W/"abaee4c7a9cdd5e5098ecb24384e9e09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 8LWiBiHWfFUxCsQO0q_yPrB35mZPP2ihuUtnJ-o2KCPVP-22pEsiYg==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 119 KB
26 KB 39ms
21ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2023 10:48:56 GMT
server: cloudflare
x-amz-request-id: H1KMHZPK8XW626E0
age: 428
etag: W/"e6744398f78bbd5138fa1a9e34f686e4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 80148edafe3840e9-SIN
x-amz-id-2: 9htVRa1wQMpOhtcgSibDtDJn+/vfitt1zB9WmCGDZ6ORo0t1bJuWmsdMvmVkH91SmeJascOhKU5bDnLornbJUg==

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&rid=esp&cc=1

85 B
204 B

209ms
208ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&rid=esp&cc=1
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 6825bcb275188299e395fa59c964cb0ee5a70f7f6f08cfca7967ae0652346f54

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-V+fYeUB7gTi51+CWtyb+oqxTj/g"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gq.globo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Mon, 04 Sep 2023 07:35:50 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://gq.globo.com
location: /esp?url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6523 15 KB
6 KB 105ms
35ms Document
text/html 2406:2600:7:100::9
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=gq.globo.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

5ce601e7b4578b3d9889b9f789f0b30ac12eeebb7fc209f5ee61c2a272e89950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://gq.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 07:35:49 GMT
server: Kestrel
server-processing-duration-in-ticks: 244118
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
321 B 506ms
166ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gq.globo.com
date: Mon, 04 Sep 2023 07:35:50 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 tv4.min.js Show response
s3.glbimg.com/cdn/libs/tv4/1.3.0/ 28 KB
10 KB 360ms
360ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/cdn/libs/tv4/1.3.0/tv4.min.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d2bdc2678d18edab60e99f79608e5acb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
content-encoding: gzip
x-openstack-request-id: tx6f444bd072d742e7a963b-006440290f
last-modified: Fri, 25 May 2018 14:11:50 GMT
x-thanos: 0A833014
vary: Accept-Encoding, Origin
content-type: application/javascript
x-timestamp: 1527257509.32548
cache-control: public, max-age=31536000
x-trans-id: tx6f444bd072d742e7a963b-006440290f
x-request-id: 70178525-11af-41ac-b3f9-3d9636c01b45

GET
H2

200

https://id.globo.com/auth/realms/globo.com/protocol/openid-connect/auth?client_id=revista-gq%40apps.globoid&redirect_uri=https%3A%2F%2Fgq.globo.com%2Flogin-callback.ghtml&state=11f03c0e-c734-4772-8...
https://gq.globo.com/login-callback.ghtml

345 B
845 B

366ms
366ms

Document
text/html

201.7.177.252
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://gq.globo.com/login-callback.ghtml

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d2bdc2678d18edab60e99f79608e5acb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

201.7.177.252 , Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

Software

Resource Hash

956bd91287fd5d85b711fd51418e53c6eeb3536134044ce39f67fb20938e160c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=10
content-encoding: gzip
content-length: 244
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 04 Sep 2023 07:35:52 GMT
expires: Mon, 04 Sep 2023 07:36:02 GMT
show-page-version: 0
vary: X-Forwarded-Proto, User-Agent, Accept-Encoding
via: 2.0 CachOS
wall-blocked-session: 0
wall-subscription-level: 0
wall-usl-status
x-bip: 29706842 cmad07lx22ca03.globoi.com
x-cache-status: MISS
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-location-rule: ghtml
x-mobile: desktop
x-request-id: 41967213-fe4e-4465-bc7a-623ca68fd971
x-served-from: rpaas-multi-domain-edg3-prod, Show Services GCP
x-thanos: 0A82BC0C
x-virtual-host: gq.globo.com
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since, framework_version_header, system_version_header, platform_header, app_id_header, access_header, globoid_connect_apikey
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS, HEAD
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store, must-revalidate, max-age=0
content-length: 0
date: Mon, 04 Sep 2023 07:35:52 GMT
location: https://gq.globo.com/login-callback.ghtml#error=login_required&state=11f03c0e-c734-4772-8092-598ef98fff20
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 2022-09-14-daniivalverdee-dilsinho-dvd-154.jpeg
s2-gq.glbimg.com/f6GN66nJ6CrrPJDXjZcFUAiC2vo=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/G/b/it9ANfTKagSGBY9bpABg/ 9 KB
10 KB 345ms
344ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-gq.glbimg.com/f6GN66nJ6CrrPJDXjZcFUAiC2vo=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/G/b/it9ANfTKagSGBY9bpABg/2022-09-14-daniivalverdee-dilsinho-dvd-154.jpeg
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: d4d44b0aedd2ede33717345624039038de5230e1bdabce04b46386c70764271a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
via: 2.0 CachOS
x-bip: 183810970 ah22 41 02
age: 628674
x-cache-server: thumbor/nginx-cache
content-length: 9664
x-cached: MISS
x-request-id: 1c587b36-92ab-4d61-a060-317edb93352d
x-forwarded-host: s2-gq.glbimg.com
x-thanos: 0A841C08
etag: "d8e2498650bede507ab116c63f05d40620dbdf7e"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 27 Sep 2023 00:57:55 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6523
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=globo.com&sn=ChromeSyncframe&so=0&topUrl=gq.globo.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=3tCStnxZdDBQUEpJTGptYTRYTUN3OVg0RzFiUktoYnE0UTZtSXpKRHN4UEtubkQrOGVSSkxtSGlEa3N2UkhodjVXamVONXFyVVlzN3NkMWdLYmxuRWdienk3Kzh3V1plSWswbnl4cGtpNTBPVE85MHVHSER6b2hYREVYUH...

433 B
657 B

31ms
9ms

Fetch
application/json

182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=3tCStnxZdDBQUEpJTGptYTRYTUN3OVg0RzFiUktoYnE0UTZtSXpKRHN4UEtubkQrOGVSSkxtSGlEa3N2UkhodjVXamVONXFyVVlzN3NkMWdLYmxuRWdienk3Kzh3V1plSWswbnl4cGtpNTBPVE85MHVHSER6b2hYREVYUHBiY2NoMGhrNmdRUmYxb0N4L3EwTUtrL0tSMUNZNk1jMEhuZWZNYVhYdkJSTzVFMm1CL1hUZ1pkT3hLT1YzVXk0RWRpVmtoUmU0QUo3VkZsbXlxd1lDaW1PcXNNNGU3SkgwZ3RDY09OUFBmYUhxdEhXVmlVaWxjWGsyOTh6NU8vdEFDYmRiZWN5MHI4MlFTZnIvUW1QeGYwdjdYUE5Sdz09fA&cppv=2

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

ff04a1ee8902884e0cddedccd35fe23d7af5568e36b8e666de6b170a16651915

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:50 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2228566
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:50 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=3tCStnxZdDBQUEpJTGptYTRYTUN3OVg0RzFiUktoYnE0UTZtSXpKRHN4UEtubkQrOGVSSkxtSGlEa3N2UkhodjVXamVONXFyVVlzN3NkMWdLYmxuRWdienk3Kzh3V1plSWswbnl4cGtpNTBPVE85MHVHSER6b2hYREVYUHBiY2NoMGhrNmdRUmYxb0N4L3EwTUtrL0tSMUNZNk1jMEhuZWZNYVhYdkJSTzVFMm1CL1hUZ1pkT3hLT1YzVXk0RWRpVmtoUmU0QUo3VkZsbXlxd1lDaW1PcXNNNGU3SkgwZ3RDY09OUFBmYUhxdEhXVmlVaWxjWGsyOTh6NU8vdEFDYmRiZWN5MHI4MlFTZnIvUW1QeGYwdjdYUE5Sdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 605042
content-length: 0
expires: 0

GET
H3 200 ww.js Show response
cdn.ampproject.org/rtv/012308181609000/ 51 KB
14 KB 15ms
6ms Fetch
text/javascript 2404:6800:4003:c03::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308181609000/ww.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c216fe06fcee708fe34a324ea5622f6315dca2ca21ad47dfa38c33c19f4d4cba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: text/plain
Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 29 Aug 2023 23:00:29 GMT
age: 462921
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14427
x-xss-protection: 0
server: sffe
etag: "28702e5052da1151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Aug 2024 23:00:29 GMT

GET
H2 200 api.min.js Show response
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/api/stable/web/ 43 KB
15 KB 362ms
360ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/api/stable/web/api.min.js?loading-agent=global-webdeps
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: b0018456a1767ac34c964706ef617e2fc539d3f19924a4492670aaf26470318e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
content-encoding: gzip
x-openstack-request-id: tx747848932fd54fa39ca73-0064f57e14
last-modified: Mon, 28 Aug 2023 19:45:38 GMT
x-thanos: 0A833014
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1693250228.000000
content-type: application/javascript
x-timestamp: 1693251937.33697
cache-control: public, max-age=3600
x-trans-id: tx747848932fd54fa39ca73-0064f57e14
x-request-id: 714cb9e8-c6d4-4a55-954c-b4d87e92070b

GET
H2 200 cadun.js Show response
s.glbimg.com/pc/ca/ 14 KB
5 KB 357ms
356ms Script
text/javascript 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/ca/cadun.js?loading-agent=global-webdeps

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-location-rule: barra-gcs
date: Mon, 04 Sep 2023 07:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 2.0 CachOS
x-bip: 20785449 cmah10lx33ca02.globoi.com
age: 48810
x-cache-status: HIT
content-length: 4958
x-xss-protection: 1; mode=block
x-request-id: 39bf7310-ec01-4d7e-892a-9cab27a4072f
last-modified: Fri, 11 Nov 2022 21:56:44 GMT
x-thanos: 0A835C26
etag: W/"d90f88fa40b545a289d34957b165ffb3"
vary: Accept-Encoding, Origin
x-served-from: estaticos-gcp-prod
content-type: text/javascript; charset=utf-8
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Mon, 04 Sep 2023 18:02:20 GMT

GET
H2 200 globo-ab.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.4.0/ 24 KB
6 KB 383ms
382ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.4.0/globo-ab.min.js?loading-agent=global-webdeps
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: e8bf9ccc765b5576c8b86e1f75a308e112cea4c1ead476dcf94720d10fa6fb0d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
content-encoding: gzip
x-openstack-request-id: tx621d17c603024e49a74b3-0064f58894
last-modified: Thu, 12 May 2022 20:00:29 GMT
x-thanos: 0A833014
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1652385628.79171
cache-control: public, max-age=180
x-trans-id: tx621d17c603024e49a74b3-0064f58894
x-request-id: 608b692a-0b6d-4bdc-b66d-423be94a0185

GET
H2 200 globo-ab-v2.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/ 34 KB
12 KB 391ms
391ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/globo-ab-v2.min.js?loading-agent=global-webdeps
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 60b0f8f7a630b8cf83d4c29ddd3e6e614b119208fe97a96cae6dc6311541671b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
content-encoding: gzip
x-openstack-request-id: tx047a49eb563a43e48da84-0064f4c71b
last-modified: Wed, 24 Oct 2018 17:17:43 GMT
x-thanos: 0A833014
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1540401462.48634
cache-control: public, max-age=86400
x-trans-id: tx047a49eb563a43e48da84-0064f4c71b
x-request-id: 91023e8f-b3ad-401a-b101-515c18a53558

GET
H2 200 globo-ab.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.0/ 21 KB
6 KB 406ms
405ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/globo-ab/3.0/globo-ab.min.js?loading-agent=global-webdeps
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: bb396c659a45cda460f579b753cf3a53f83eb8198bd344af0a2e2d9030ef910f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
content-encoding: gzip
x-openstack-request-id: txa06c2b9c5a56451a8566f-0064f588c3
last-modified: Tue, 19 May 2020 15:37:59 GMT
x-thanos: 0A833014
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1589902678.74751
cache-control: public, max-age=180
x-trans-id: txa06c2b9c5a56451a8566f-0064f588c3
x-request-id: 501e2d79-fca5-4f81-b473-cf072951baf4

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
16 KB 441ms
440ms Fetch
text/plain 2404:6800:4003:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2479426184086202&correlator=2314692402702686&eid=31076474&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fif&iu_parts=85042905%2Cgq%2Ctecnologia&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&didk=3223810205&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1693812950451&lmt=1693784150&adxs=892&adys=1680&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=1600&ga_vid=1120136905.1693812950&ga_sid=1693812950&ga_hid=296211627&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYwYn6-KUxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjBifr4pTFIAFICCGQSGQoKcHViY2lkLm9yZxjBifr4pTFIAFICCGQSFwoIcnRiaG91c2UYwYn6-KUxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMGJ-vilMUgAUgIIZBIUCgVvcGVueBjBifr4pTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMGJ-vilMUgAUgIIZA..&dlt=1693812946827&idt=3361&prev_scp=Editora.pos%3DTop%26rc%3Dbanner_materia1_0&cust_params=ambient%3D%26tipo_pagina%3Dmulti-content%26editora.random%3D9%26Editora.url%3Dbrecha-site-acompanhantes-fatal-model-informacoes-pessoais%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1693812950090%26prmtvvid%3D%26prmtvwid%3D&adks=1657172401&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eaa5435c5bea7548dc34969e0115b4b3466618be96c167f030f13a0ae57f90b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16431
x-xss-protection: 0
google-lineitem-id: 6364156480
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138443139795
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gq.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
dc6b241228a425d8dce77511b744b85e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9AC4 6 KB
3 KB 25ms
6ms Document
text/html 2404:6800:4003:c1a::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc6b241228a425d8dce77511b744b85e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gq.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 07:35:50 GMT
expires: Tue, 03 Sep 2024 07:35:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 241 KB
78 KB 36ms
24ms Script
application/javascript 2404:6800:4003:c02::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WP5C9ZV

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/gq/prod/lib-pub-relay-gq-latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f5c5ce0c7f81e6f7447846a35812ab5ec04121d3a8be95ae73a0b59e40b9665e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79330
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Sep 2023 07:35:50 GMT

GET
H2 200 ns.html Show response
www.googletagmanager.com/ Frame 6D0F 925 B
567 B 24ms
14ms Document
text/html 2404:6800:4003:c02::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-WP5C9ZV

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-relay/gq/prod/lib-pub-relay-gq-latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

344a3f20ef266859578f11065f8834b44db13f7df3b2b4c66533c16241f22be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://gq.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 247
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 07:35:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2 200 fatal-model-gq.jpg
s2-gq.glbimg.com/grf_xJDvmH4dK-v7_xRRAT3PLMw=/0x0:1222x674/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/Q/h/5Lahs2R1uYk986eevneQ/ 29 KB
30 KB 345ms
344ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-gq.glbimg.com/grf_xJDvmH4dK-v7_xRRAT3PLMw=/0x0:1222x674/984x0/smart/filters:strip_icc()/i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2023/Q/h/5Lahs2R1uYk986eevneQ/fatal-model-gq.jpg
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: d580ca5afc1def28b3404481cc6d90adf721ad10fb1947c88e4d9edddddfb32e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
via: 2.0 CachOS
x-bip: 180878757 ah22 41 02
age: 208143
x-cache-server: thumbor/nginx-cache
content-length: 29974
x-cached: MISS
x-request-id: 3247985b-f037-4c96-81c7-53845c57cfaf
x-forwarded-host: s2-gq.glbimg.com
x-thanos: 0A841C08
etag: "eff6f6a338b1ef2ffecda1747cf54c8973df8775"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Sun, 01 Oct 2023 21:46:47 GMT

GET
BLOB 200
OK e7dfc681-b8c9-4bbe-b4ef-61cb7b2ca749
https://gq.globo.com/ 51 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://gq.globo.com/e7dfc681-b8c9-4bbe-b4ef-61cb7b2ca749
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88a7bc934b7e2796c50114637a0bf36f19244e0cf4e4b70f71db3e878bd15fd0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length: 52052
Content-Type: text/javascript

GET
H2 200 ns.html Show response
www.googletagmanager.com/ Frame 243B 268 B
158 B 13ms
7ms Document
text/html 2404:6800:4003:c02::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-NXVN776&ancestors=GTM-WP5C9ZV&restrictions=&gtm.url=https%3A%2F%2Fgq.globo.com%2F

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-WP5C9ZV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.googletagmanager.com/ns.html?id=GTM-WP5C9ZV
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 92
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 07:35:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2 200 ns.html Show response
www.googletagmanager.com/ Frame 0718 268 B
158 B 15ms
10ms Document
text/html 2404:6800:4003:c02::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-WSJ4QJD&ancestors=GTM-WP5C9ZV&restrictions=&gtm.url=https%3A%2F%2Fgq.globo.com%2F

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-WP5C9ZV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.googletagmanager.com/ns.html?id=GTM-WP5C9ZV
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 92
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 07:35:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H2 200 ns.html Show response
www.googletagmanager.com/ Frame 96F3 268 B
161 B 10ms
6ms Document
text/html 2404:6800:4003:c02::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-M3GJS46&ancestors=GTM-WP5C9ZV&restrictions=&gtm.url=https%3A%2F%2Fgq.globo.com%2F

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/ns.html?id=GTM-WP5C9ZV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c02::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.googletagmanager.com/ns.html?id=GTM-WP5C9ZV
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
content-encoding: br
content-length: 92
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 07:35:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
vary: *
x-xss-protection: 0

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 157 KB
57 KB 24ms
23ms Script
application/javascript 2404:6800:4003:c02::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NXVN776&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP5C9ZV

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

958a1068ac6f988010621fb24c6b974fd7064b351cc579c678c1acf0fbd7047f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58557
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Sep 2023 07:35:50 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 115 KB
44 KB 16ms
16ms Script
application/javascript 2404:6800:4003:c02::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WSJ4QJD&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP5C9ZV

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a320b9fe035021f1d061a23eff171211b8e0da1bf79a11c36e9fccfe85ce685c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44949
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Sep 2023 07:35:50 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 154 KB
56 KB 21ms
20ms Script
application/javascript 2404:6800:4003:c02::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3GJS46&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP5C9ZV

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1159dac7b66b9878bbda053511381f27a651b7b8e955b15c043d3145f14feb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57568
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 04 Sep 2023 07:35:50 GMT

GET
H2 200 ivc.js Show response
gadasource.storage.googleapis.com/ 71 KB
24 KB 27ms
10ms Script
text/plain 2404:6800:4003:c1a::cf
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gadasource.storage.googleapis.com/ivc.js
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c1a::cf , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:08:21 GMT
content-encoding: gzip
age: 1649
x-guploader-uploadid: ADPycdt3bZ3a5GaVFCQu3LxP0tzpxc6-U1s6iPikzge9QUjwN0xG3hiwTcftRmI19Tu4dVItN8thRrw9ux5wx7aKc8b6aQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24321
last-modified: Mon, 02 Sep 2019 19:50:51 GMT
server: UploadServer
etag: "cdaa61cbc24c48191196b45b31a7e18b"
vary: Accept-Encoding
x-goog-generation: 1567453851562424
x-goog-hash: crc32c=okr5pw==, md5=zaphy8JMSBkRlrRbMafhiw==
content-type: text/plain
cache-control: public, max-age=3600
x-goog-stored-content-length: 24321
accept-ranges: bytes
expires: Mon, 04 Sep 2023 08:08:21 GMT

GET
H2 200 tiny.js Show response
static.infoglobo.com.br/paywall/js/ 259 KB
58 KB 1542ms
324ms Script
application/javascript 34.151.224.123
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP5C9ZV
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.151.224.123 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 123.224.151.34.bc.googleusercontent.com
Software: /
Resource Hash: 4f5d79540978df0d93658495e129ab30baa893e784b85934b131d5297448d459

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-location-rule: static - tiny.js
date: Mon, 04 Sep 2023 07:35:51 GMT
content-encoding: gzip
x-proxy-cache: HIT
last-modified: Wed, 23 Aug 2023 12:55:33 GMT
x-cache-status: HIT
x-served-from: infoglobo-router-gcp, shared-cache
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
supportspointer: true
cache-control: max-age=600
charset: utf-8
x-request-id: 586100183b2ae6b26252d40acf251cb4
expires: Wed, 30 Aug 2023 22:32:43 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/editoraglobonetwork/ 873 KB
70 KB 715ms
167ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d0e2b280e2321b8ac40e2524734d3137c3aa118f95390c057f5491e0c4be48e9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: LJJTQFhJ..jZEyDEhDnthhhfxr4_U3pL
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 07:35:51 GMT
x-amz-request-id: WZZ6FJ3Q3AMSGTYH
age: 6076
x-amz-server-side-encryption: AES256
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 12
x-amz-replication-status: FAILED
content-length: 71275
x-amz-id-2: ql53X0+Z+Squ572a4Woz+F0po5F3QcBBRblPrbuU81olH+S3xL9AemwDpCaCdrCzPwEA3XNezOI=
x-served-by: cache-fra-etou8220044-FRA
last-modified: Mon, 04 Sep 2023 05:54:35 UTC
server: nginx
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693812951.176713,VS0,VE3
etag: "1e3e9aa9b3f99b4405703000b9ad326f6c8d408d"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 23
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 lib-pub-ext-tags-gq-latest.js Show response
s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/gq/prod/ 2 KB
1 KB 2370ms
2370ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/gq/prod/lib-pub-ext-tags-gq-latest.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP5C9ZV
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: e3f422ae8bc9e4874e20a1d051cc2cde9a2e2f0e84d8a4ef84a82d90b3b5cc79

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:52 GMT
content-encoding: gzip
x-openstack-request-id: tx75266356f13c4b248e970-0064f588d6
last-modified: Tue, 07 Mar 2023 22:45:23 GMT
x-thanos: 0A833014
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1678228387.000000
content-type: application/javascript
x-timestamp: 1678229122.73062
cache-control: public, max-age=180
x-trans-id: tx75266356f13c4b248e970-0064f588d6
x-request-id: 8c1d51a3-e189-4624-b668-20c59452431f

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 52ms
50ms Fetch
text/plain 2404:6800:4003:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2479426184086202&correlator=2581467649903518&eid=31076474&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fif&iu_parts=85042905%2Cgq%2Ctecnologia&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&didk=3851748554&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1693812950560&lmt=1693784150&adxs=212&adys=7027&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&vis=1&psz=1176x26&msz=0x26&fws=4&ohw=1600&ga_vid=1120136905.1693812950&ga_sid=1693812950&ga_hid=296211627&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYwYn6-KUxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjBifr4pTFIAFICCGQSGQoKcHViY2lkLm9yZxjBifr4pTFIAFICCGQSFwoIcnRiaG91c2UYwYn6-KUxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMGJ-vilMUgAUgIIZBIUCgVvcGVueBjBifr4pTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMGJ-vilMUgAUgIIZA..&dlt=1693812946827&idt=3361&prev_scp=Editora.pos%3Din-image&cust_params=ambient%3D%26tipo_pagina%3Dmulti-content%26editora.random%3D9%26Editora.url%3Dbrecha-site-acompanhantes-fatal-model-informacoes-pessoais%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1693812950090%26prmtvvid%3D%26prmtvwid%3D&adks=448705941&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

384bc9d733726a49e18885c96e91d708d0209c4cce974fce6f20a55615252cff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11737
x-xss-protection: 0
google-lineitem-id: 5705152523
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138351013436
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gq.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 147ms
145ms Fetch
text/plain 2404:6800:4003:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2479426184086202&correlator=3943702316666060&eid=31076474&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fif&iu_parts=85042905%2Cgq%2Ctecnologia&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&didk=4212400324&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1693812950564&lmt=1693784150&adxs=212&adys=7027&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&vis=1&psz=1176x26&msz=0x26&fws=4&ohw=1600&ga_vid=1120136905.1693812950&ga_sid=1693812950&ga_hid=296211627&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYwYn6-KUxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjBifr4pTFIAFICCGQSGQoKcHViY2lkLm9yZxjBifr4pTFIAFICCGQSFwoIcnRiaG91c2UYwYn6-KUxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMGJ-vilMUgAUgIIZBIUCgVvcGVueBjBifr4pTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMGJ-vilMUgAUgIIZA..&dlt=1693812946827&idt=3361&prev_scp=Editora.pos%3DDhtml&cust_params=ambient%3D%26tipo_pagina%3Dmulti-content%26editora.random%3D9%26Editora.url%3Dbrecha-site-acompanhantes-fatal-model-informacoes-pessoais%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1693812950090%26prmtvvid%3D%26prmtvwid%3D&adks=2729807119&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0ed72592b45c24786079cb8ea2bd31df82aa16cc3a15fc3784e0d52d5606678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11758
x-xss-protection: 0
google-lineitem-id: 5719675365
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138358624828
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gq.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
12 KB 248ms
246ms Fetch
text/plain 2404:6800:4003:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2479426184086202&correlator=934452426563980&eid=31076474&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fif&iu_parts=85042905%2Cgq%2Ctecnologia&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=640x360%7C640x480&ifi=4&didk=869953741&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1693812950567&lmt=1693784150&adxs=480&adys=3022&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&vis=1&psz=1600x-1&msz=1600x-1&fws=4&ohw=1600&ga_vid=1120136905.1693812950&ga_sid=1693812950&ga_hid=296211627&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYwYn6-KUxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjBifr4pTFIAFICCGQSGQoKcHViY2lkLm9yZxjBifr4pTFIAFICCGQSFwoIcnRiaG91c2UYwYn6-KUxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGMGJ-vilMUgAUgIIZBIUCgVvcGVueBjBifr4pTFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGMGJ-vilMUgAUgIIZA..&dlt=1693812946827&idt=3361&prev_scp=Editora.pos%3DInread&cust_params=ambient%3D%26tipo_pagina%3Dmulti-content%26editora.random%3D9%26Editora.url%3Dbrecha-site-acompanhantes-fatal-model-informacoes-pessoais%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1693812950090%26prmtvvid%3D%26prmtvwid%3D&adks=2803237510&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0ff3a87ab5596d023e515fc8518e47e5149070dbd32a45b2ce9aba3e2cae7f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11782
x-xss-protection: 0
google-lineitem-id: 6254375172
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138427700677
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gq.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 i
ivccf.ivcbrasil.org.br/ 43 B
461 B 1465ms
242ms Image
image/gif 34.210.191.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ivccf.ivcbrasil.org.br/i?stm=1693812950629&e=pv&url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&page=Especialista%20aponta%20brecha%20de%20seguran%C3%A7a%20em%20site%20de%20acompanhante%2C%20que%20nega%20vazamento%20de%20dados%20%7C%20Tecnologia%20%7C%20GQ&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=136&p=web&tz=Asia%2FShanghai&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=e6737a37-d558-4cc4-9492-333051b7fd83&dtm=1693812950628&vp=1600x1200&ds=1600x7069&vid=1&sid=13dec34d-8c77-44ef-92d9-dc9394ba9a6d&duid=39196fbd-c194-4b4c-989b-8fa16736b771&fp=3484091294
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.210.191.15 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-191-15.us-west-2.compute.amazonaws.com
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 07:35:51 GMT
Server: Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DABA 0
0 11ms
10ms Fetch
image/gif 2404:6800:4003:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurfgJ4fI8_-_HRDenHHwtsAUuAmPSze2c4QZEL4bWfU77UJKP6iSAaXxbAXiL4bVsTlifEPML8fRoUa8lMFvORo2rxPDgfwMlFz3uvfYSvrfc10JNh07FR6bjFxtjsIzjR_p23J2pnQMTwG_3NTSdhE_-NkZv_x9n86h0PrJos2qLGVnUvY5NWmmzS9i_Y-40udPuZcnF_pt3v3S-2d24oBIi-YyVIbByTRqIsXSjiUCOMEMfMtw0xWQVr95mhLzzEfxE9dxkEhn9XJLlNlbCIk4srwefmTdcD2ZlGw0NElBLaF9cRJHun3sEhX45vEGXQ&sai=AMfl-YQ7Ff_vSOoocpTqi-uJN10Kl0d3TAKDq7H3G1rxqqvXK15vGSDSS8Ht61S3tip-j94IT2zgVdgKIw25GcI1V3hzKr9AFS5JlMTey317z_z2PrYvu-vcrmr8duL10BBBiqPr8imkqflBB0cCedSC&sig=Cg0ArKJSzHgaJ_77_SRIEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Sep 2023 07:35:50 GMT

GET
H2 200 7054-8828-01.js Show response
t.seedtag.com/t/ Frame DABA 45 KB
14 KB 263ms
241ms Script
application/javascript 104.16.112.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/t/7054-8828-01.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.112.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41d5ae0ea40a5cd3c07dc9fadbfea4465b63666ffea46cfb9435d651d0cf68a0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"b40e-jmaR1Y5lwFRdWhLnrmcwfYissU0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1200
cf-ray: 80148eddb822a08f-SIN
alt-svc: h3=":443"; ma=86400
expires: Mon, 04 Sep 2023 07:55:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DABA 181 KB
57 KB 29ms
7ms Script
text/javascript 2404:6800:4003:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 07:35:50 GMT

GET
H2 200 lib-analytics-latest.js Show response
s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-analytics/prod/ 14 KB
5 KB 361ms
361ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-analytics/prod/lib-analytics-latest.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSJ4QJD&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 877c319b8a36e65249be764ce80ef3891edd45848ba3627b95c7499feb0be48d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
content-encoding: gzip
x-openstack-request-id: tx7ae1c866354f4f378b04f-0064f5884a
last-modified: Tue, 23 May 2023 21:09:44 GMT
x-thanos: 0A833014
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1684872817.000000
content-type: application/javascript
x-timestamp: 1684876183.22388
cache-control: public, max-age=180
x-trans-id: tx7ae1c866354f4f378b04f-0064f5884a
x-request-id: e7de3a35-94f4-402f-9586-0bffcb400038

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame E0CF 484 B
735 B 28ms
12ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: c7a60bd71e8c8ae0540b1256b0226fdf89d6ee43e372a8c2955979a7e012af8d

Request headers

Referer: https://gq.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 310
content-type: text/html
date: Mon, 04 Sep 2023 07:35:50 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
691 B 40ms
16ms XHR
application/json 18.142.88.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.142.88.219 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-142-88-219.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: bf3e4ceb9fbf3c083000e1e9ae238b37b4009c9fa4513e646c0fc9e042ecae16

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:50 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://gq.globo.com
cache-control: no-cache
x-server: 10.42.4.21
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
DATA 200
OK truncated
/ Frame DABA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 992e92eb777e645063c2ef4c7a396e5cd6557ac08e33fe3ec15c5bccdd721e1a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E0CF
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=1daa739f-1f4e-7da3-c456-422d630e332b&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=1daa739f-1f4e-7da3-c456-422d630e332b&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=63abc881-6622-4257-b82d-9cf12807b118&ttd_puid=1daa739f-1f4e-7da3-c456-422d630e332b&gdpr=0&gdpr_consent=

43 B
323 B

16ms
13ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=63abc881-6622-4257-b82d-9cf12807b118&ttd_puid=1daa739f-1f4e-7da3-c456-422d630e332b&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:50 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:50 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=63abc881-6622-4257-b82d-9cf12807b118&ttd_puid=1daa739f-1f4e-7da3-c456-422d630e332b&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame E0CF
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZPWI1sCo8YQAABUX2GQAAAAA

43 B
106 B

12ms
9ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZPWI1sCo8YQAABUX2GQAAAAA
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:51 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Mon, 04 Sep 2023 07:35:50 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"209.58.162.198","key":"ZPWI1sCo8YQAABUX2GQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad422"}
X-SO-Key: ZPWI1sCo8YQAABUX2GQAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad422
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZPWI1sCo8YQAABUX2GQAAAAA
Cache-Control: private
X-SO-HostName: m-ad422.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 1
Content-Length: 0
X-SO-LB-Hostname: m-tgng32.dc4p.scaleout.jp
X-SO-IP: 209.58.162.198

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame E0CF
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://cr-p3.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AT042FE4PAV3ks8AD7ImDFiUg88AAAGKXx6KAw

43 B
61 B

12ms
12ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AT042FE4PAV3ks8AD7ImDFiUg88AAAGKXx6KAw
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:51 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:51 GMT
via: 1.1 174262b85c119d8208d4718b655e0b6c.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: MRS52-P2
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AT042FE4PAV3ks8AD7ImDFiUg88AAAGKXx6KAw
cache-control: no-cache
content-length: 0
x-amz-cf-id: hvBZrS3ueL4eEB5azqdPKRQzDuIGCYFNYsvXWDlpRMNOu5VxxpLhuw==
expires: -1

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame E0CF 170 B
243 B 70ms
54ms Image
image/png 64.233.170.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzFjNWEwNTUtZDYzOS0yMzA3LWQxYjYtMTg5NGE5ZWNmZDRi

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.170.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame E0CF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHlVwLCmIhhPOqbZtfuba-E&google_cver=1

43 B
106 B

11ms
9ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHlVwLCmIhhPOqbZtfuba-E&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:50 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHlVwLCmIhhPOqbZtfuba-E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A001 0
0 13ms
11ms Fetch
image/gif 2404:6800:4003:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstw_vyq4EANJ5HNHaHSB5ZnDpivofXRFIvqD7TqlNVEiADqQTd19-LafK1bAZkTEpfkvFH0s-A0jiRcPNqj-ixJ0sKCsOzX8vIKE9MkTX1l4uU3AAmuqIKIPeIwtyV3Og7IJTigTghoAbRR3TehH8QLvI0sh57aEuU1W7VC8JK1RR7UmfyxJJ5_dDknjtt4HhlBvqBR7INkBqP1STfVuhuOext2YFRT3TB9LMCfUjob_u0RkIUlXAUWmLxxvI-A0vYY1j2r9XbIbM39fwep5_TzEluw4PonlUuUdPwDSBnKMTKvACoQcnYfjEU4jO2yaDWJZRIwJ4ytL5XaYQItW9NZP1I&sai=AMfl-YQk4ZcQET86d3Jyx_389VrNpKNJ0CPYWXZU5Nd2MXpRi_Ths-XF65YBPwYpwwvcufuUoWELTvKqZfRUv0Tbgx1n6cmkkALZ4oW4Yz2ZeC73skBKxTH9mFSdEvI-KRvHEcHqQltH0i7r4Q7Ab6lv&sig=Cg0ArKJSzC440DDt106UEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK gq.globo.com_16998.js Show response
ads.vidoomy.com/ Frame A001 2 KB
3 KB 799ms
253ms Script
application/javascript 3.19.54.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/gq.globo.com_16998.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.19.54.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-19-54-139.us-east-2.compute.amazonaws.com
Software: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash: 362d26569e4ce1a6a529a7437be6f359b155de2ae2a0e6d575c070d08375feb5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 07:35:51 GMT
Server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=300
Content-Length: 2555

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A001 181 KB
57 KB 23ms
21ms Script
text/javascript 2404:6800:4003:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 07:35:50 GMT

GET
H2 200 schemas Show response
horizon-schemas.globo.com/ 144 KB
14 KB 1543ms
736ms XHR
application/json 186.192.81.117
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://horizon-schemas.globo.com/schemas
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d2bdc2678d18edab60e99f79608e5acb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.81.117 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-81-117.prt.globo.com
Software: /
Resource Hash: ac121a04ee29cdc5c52c004c59aec3d9e06d82148568c810e15d192fd652623c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:52 GMT
content-encoding: gzip
via: 2.0 CachOS
x-bip: 121575771 ah19 29 05
age: 0
x-thanos: 0A819C03
vary: Accept-Encoding, X-Forwarded-Proto, Accept-Encoding, Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://gq.globo.com
cache-control: max-age=7200, public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: user,User-Agent,Content-Type,GLBID,GLBUID,GST
x-request-id: 4706bd3d-66b0-47f9-bd20-cbc98a67fca4

GET
H2 200 2022-09-13-design-sem-nome-2022-09-13t171658.192.jpeg
s2-gq.glbimg.com/jrl-bBFHPg_eixKdYOXt3HNAzlY=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/b/9/ujeC4WQKKsAG1i6RZQqw/ 7 KB
7 KB 345ms
344ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-gq.glbimg.com/jrl-bBFHPg_eixKdYOXt3HNAzlY=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/b/9/ujeC4WQKKsAG1i6RZQqw/2022-09-13-design-sem-nome-2022-09-13t171658.192.jpeg
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: b506a750f54f579dad6bbcf6f0394df6f61f01ce3423cf4b4e99f84cefbbbfbb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
via: 2.0 CachOS
x-bip: 183810972 ah22 41 02
age: 628675
x-cache-server: thumbor/nginx-cache
content-length: 7212
x-cached: MISS
x-request-id: e3db05cc-da4d-49de-8828-5cd76d99b700
x-forwarded-host: s2-gq.glbimg.com
x-thanos: 0A841C08
etag: "5031d91863967eb1bc4a0027d35c01b875af1928"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 27 Sep 2023 00:57:55 GMT

GET
H2 200 2022-09-14-larissa-manoela.jpeg
s2-gq.glbimg.com/T_g3KtNyti90_sHxw-oJgnhgSPQ=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/C/E/GaEH9mRZGQosDWFJRkBQ/ 11 KB
12 KB 345ms
344ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-gq.glbimg.com/T_g3KtNyti90_sHxw-oJgnhgSPQ=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/C/E/GaEH9mRZGQosDWFJRkBQ/2022-09-14-larissa-manoela.jpeg
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: a68143f3da73f6c1fa44f41c63d9838c830753ea5f0253b3dc983d8e4fba2921

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
via: 2.0 CachOS
x-bip: 182736736 ah22 41 02
age: 628675
x-cache-server: thumbor/nginx-cache
content-length: 11572
x-cached: MISS
x-request-id: 696cb534-d779-421f-85bd-9d41bd75fff0
x-forwarded-host: s2-gq.glbimg.com
x-thanos: 0A841C08
etag: "aa90c4db34c4b5268f238eb6e0253004d1dd7d8a"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 27 Sep 2023 00:57:55 GMT

GET
H2 200 2019-09-30-gettyimages-3248783.jpeg
s2-gq.glbimg.com/H2yiGU8WUrcc4-t3NBH8UIp25wM=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/r/U/QhVwE4SNWg1cZ5TkiU7Q/ 16 KB
17 KB 384ms
384ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-gq.glbimg.com/H2yiGU8WUrcc4-t3NBH8UIp25wM=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/r/U/QhVwE4SNWg1cZ5TkiU7Q/2019-09-30-gettyimages-3248783.jpeg
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 0e1b203cc72c4022571c759d7f39e0a2252f2c02b856b9e41ca757ffecc48793

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
via: 2.0 CachOS
x-bip: 182131499 ah22 41 02
age: 628675
x-cache-server: thumbor/nginx-cache
content-length: 16500
x-cached: MISS
x-request-id: f0169af6-8bf1-438e-b383-e82d431b5a9c
x-forwarded-host: s2-gq.glbimg.com
x-thanos: 0A841C08
etag: "de0376a5c2fc9a7696016fb27a8d7e0cd2029a00"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 27 Sep 2023 00:57:55 GMT

GET
H2 200 gettyimages-984478568.jpg
s2-gq.glbimg.com/U2GrmZbbFfRl9fqLKBpswUx0ErU=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/v/P/zkSFCORR6LKY3UXMiCJw/ 29 KB
29 KB 413ms
413ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-gq.glbimg.com/U2GrmZbbFfRl9fqLKBpswUx0ErU=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/v/P/zkSFCORR6LKY3UXMiCJw/gettyimages-984478568.jpg
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 235797af92cf2063b6a8569d12511653473b02336b84213d35a481cc8c5579c9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
via: 2.0 CachOS
x-bip: 182169254 ah22 41 02
age: 628674
x-cache-server: thumbor/nginx-cache
content-length: 29728
x-cached: MISS
x-request-id: 03800927-1021-46c3-8d7c-9f92ce2fe8c1
x-forwarded-host: s2-gq.glbimg.com
x-thanos: 0A841C08
etag: "6036a18b28924bec5b8a02f76ade59805b754094"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 27 Sep 2023 00:57:56 GMT

GET
H2 200 2019-09-05-img-0337.jpeg
s2-gq.glbimg.com/J5ByHQt-fduqxn36no6qQ3M3vuk=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/c/6/jSlyfERDetkPzo4yDvSg/ 7 KB
8 KB 680ms
680ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-gq.glbimg.com/J5ByHQt-fduqxn36no6qQ3M3vuk=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/c/6/jSlyfERDetkPzo4yDvSg/2019-09-05-img-0337.jpeg
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 650db7f0fec1fedc718d5b11fac9d32724a82154473e12493bf8986c3cfbb061

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
via: 2.0 CachOS
x-bip: 183810973 ah22 41 02
age: 628674
x-cache-server: thumbor/nginx-cache
content-length: 7418
x-cached: MISS
x-request-id: d88b71d3-ad00-45ae-b241-c2b073b164cf
x-forwarded-host: s2-gq.glbimg.com
x-thanos: 0A841C08
etag: "769ec18a755015035aaa1c2f6c17192f15b2f7fb"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 27 Sep 2023 00:57:56 GMT

GET
H2 200 2019-07-18-cq5dam.web.1200.675.jpeg
s2-gq.glbimg.com/quNHW8cUI84tToq_CaGQPAUoou0=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/z/m/JDT7EYQkAXY2YosUFlAg/ 11 KB
12 KB 679ms
678ms Image
image/webp 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-gq.glbimg.com/quNHW8cUI84tToq_CaGQPAUoou0=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/z/m/JDT7EYQkAXY2YosUFlAg/2019-07-18-cq5dam.web.1200.675.jpeg
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 11ddaa56734f2d28feadcb817490ce7eea38371fc6b70d15d01f8a5b5dd3190f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
via: 2.0 CachOS
x-bip: 182736737 ah22 41 02
age: 628674
x-cache-server: thumbor/nginx-cache
content-length: 11630
x-cached: MISS
x-request-id: 322e707d-b3df-4d13-9f2e-3745f225cac7
x-forwarded-host: s2-gq.glbimg.com
x-thanos: 0A841C08
etag: "562d6acf32f3d066a3887e024a36baf7bd81f562"
vary: Origin, Accept
content-type: image/webp
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 27 Sep 2023 00:57:56 GMT

GET
H2 200 2019-09-10-wired-d-carta-trunfo-vivianepepe.gif
s2-gq.glbimg.com/d7uAQ_NE1gyUWL_KNGe2M3fmbRc=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/M/c/wOvcMzTeeZd7lKn7igOg/ 1 MB
1 MB 677ms
677ms Image
image/gif 186.192.91.9
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s2-gq.glbimg.com/d7uAQ_NE1gyUWL_KNGe2M3fmbRc=/540x304/top/smart/https://i.s3.glbimg.com/v1/AUTH_71a8fe14ac6d40bd993eb59f7203fe6f/internal_photos/bs/2022/M/c/wOvcMzTeeZd7lKn7igOg/2019-09-10-wired-d-carta-trunfo-vivianepepe.gif
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_f7772c2cb2fd4af2bb8929c0ae6fdba7/backstage/build/latest/client/bastian-202308df6a7b44df8a145ea677f4fe3fa930e1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.91.9 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-91-9.prt.globo.com
Software: /
Resource Hash: 70c801797ddb968471bf75da87a5f98f38301acf3fb86b093b1379acc919ac49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
via: 2.0 CachOS
x-bip: 182131500 ah22 41 02
age: 628674
x-cache-server: thumbor/nginx-cache
content-length: 1255819
x-cached: MISS
x-request-id: d11b53ff-1f31-4ccb-9544-d2de4ef880dd
x-forwarded-host: s2-gq.glbimg.com
x-thanos: 0A841C08
etag: "d178bec7968bed3c9374ece346e60dea56ae881d"
vary: Origin, Accept
content-type: image/gif
cache-control: max-age=2592000,public
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Wed, 27 Sep 2023 00:57:56 GMT

GET
DATA 200
OK truncated
/ Frame A001 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 544c8c97443433f68347f6edcc349597bd02e599fda8d47f38c4959d8be39b8a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F3F 0
0 14ms
13ms Fetch
image/gif 2404:6800:4003:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshaa2kWDn7CRNGSYoCFe5pwg1Dtdy-jCZlRoyl_dK36m4MgHx-9ykJQKtFciRfaFZ8moe71ZNZEkUkai_Pl03z0dzMqDziW3OSuoZBWfpbtnhyfj44PiBCfZLT2Y4Oka1nfG75204UWH1ClwUHlv3AhpHf62Ri1eYil_T08ZRTnlkbxDl6Z17DE1zLipb2ThCapA4Q2x5XvdWGDU_h49DikxC_ehBvV3WsqGUEyj_R1VYDFnu_MWsD73gfeBwfsDF1ovxYtjtf8GfyDM--JKLvSRa5j3AuPS54_7ViJdYH0xYkFB80f5auMrjYBgf0aqzmhNG4&sai=AMfl-YSb6hqSACU0liuutZNOGHsULE5t7NfFfMfzfGQwovyazx8Pce3b3tMLm0krR9IKk3j4xyYc3Hw2D1Qh9DTCNrUrJ9Atpg21re5W6sXzNG3MsCk7uGo8aPvNZy1CWW1LG27rgumSb4gkKhgmDT9m&sig=Cg0ArKJSzOuglFLyOPYcEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 29566177.js Show response
t.seedtag.com/a/ Frame 3F3F 433 B
378 B 201ms
200ms Script
application/javascript 104.16.112.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/a/29566177.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.112.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 549d46480adbf964058610eba1cd8d4ff39c438abf620d4e1482a26c4ff76ecf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 04 Sep 2023 00:45:01 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1200
cf-ray: 80148edee964a08f-SIN
alt-svc: h3=":443"; ma=86400
expires: Mon, 04 Sep 2023 07:55:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F3F 181 KB
56 KB 6ms
5ms Script
text/javascript 2404:6800:4003:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 07:35:50 GMT

OPTIONS
H2 204 logged
cocoon.globo.com/v2/user/ Frame 0
0 1316ms
1301ms Preflight 35.244.153.86
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cocoon.globo.com/v2/user/logged
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.153.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 86.153.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: POST
Origin: https://gq.globo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://gq.globo.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Sep 2023 07:35:52 GMT
server: nginx
via: 1.1 google

GET
H2 200 login.css
s.glbimg.com/pc/ca/ 846 B
922 B 356ms
356ms Stylesheet
text/css 186.192.91.5
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.glbimg.com/pc/ca/login.css

Requested by

Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js?loading-agent=global-webdeps

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

186.192.91.5 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),

Reverse DNS

186-192-91-5.prt.globo.com

Software

Resource Hash

d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-location-rule: barra-gcs
date: Mon, 04 Sep 2023 07:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 2.0 CachOS
x-bip: 20945593 cmah10lx33ca02.globoi.com
age: 48810
x-cache-status: HIT
content-length: 419
x-xss-protection: 1; mode=block
x-request-id: 8937943b-9a76-4361-bc66-e565a0a7ca5d
last-modified: Fri, 11 Nov 2022 21:56:44 GMT
x-thanos: 0A835C26
etag: W/"263666896930a877f4ad09cc6d6e75ea"
vary: Accept-Encoding, Origin
x-served-from: estaticos-gcp-prod
content-type: text/css; charset=utf-8
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: Content-Type
expires: Mon, 04 Sep 2023 18:02:20 GMT

POST
H3 200 logged Show response
cocoon.globo.com/v2/user/ 211 B
232 B 1323ms
1316ms XHR
application/json 35.244.153.86
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cocoon.globo.com/v2/user/logged
Requested by: Host: s.glbimg.com
URL: https://s.glbimg.com/pc/ca/cadun.js?loading-agent=global-webdeps
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.153.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 86.153.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e53b5588b78b083f303fdf57b94670372449ea228bda092fb90c63729122843f

Request headers

Referer: https://gq.globo.com/
X-Requested-With: XMLHttpRequest
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
access-control-allow-origin: https://gq.globo.com
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, If-Modified-Since
content-length: 211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST chooseAndIncrement
globo-mab.globo.com/mab/bastian-advwblt-r5:gq:desktop:multicontent:ep/ 0
0

POST chooseAndIncrement
globo-mab.globo.com/mab/bastian-advwblt-r5:gq:desktop:multicontent:dinamico/ 0
0

GET
DATA 200
OK truncated
/ Frame 3F3F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2a6141c4821c70b4cfc843263b84bf42373dfdf99b671fd77c44fc0a0154773

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

B30382929.372561482;dc_pre=COLLh_q4kIEDFamjZgIdxw4BRw;dc_trk_aid=564306069;dc_trk_cid=196904775;ord=595770655;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 Show response
ad.doubleclick.net/ddm/trackimpj/N1218305.3134731MEDIASERVICEINTE/ Frame 4A42
Redirect Chain

https://ad.doubleclick.net/ddm/trackimpj/N1218305.3134731MEDIASERVICEINTE/B30382929.372561482;dc_trk_aid=564306069;dc_trk_cid=196904775;ord=595770655;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimpj/N1218305.3134731MEDIASERVICEINTE/B30382929.372561482;dc_pre=COLLh_q4kIEDFamjZgIdxw4BRw;dc_trk_aid=564306069;dc_trk_cid=196904775;ord=595770655;dc_lat=;dc_rd...

15 KB
12 KB

26ms
25ms

Fetch
text/javascript

74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimpj/N1218305.3134731MEDIASERVICEINTE/B30382929.372561482;dc_pre=COLLh_q4kIEDFamjZgIdxw4BRw;dc_trk_aid=564306069;dc_trk_cid=196904775;ord=595770655;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

cafe /

Resource Hash

01e8674c0842de3c129db7f8a328f9660b0a450c685860b0af45683fde348a32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11801
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:50 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimpj/N1218305.3134731MEDIASERVICEINTE/B30382929.372561482;dc_pre=COLLh_q4kIEDFamjZgIdxw4BRw;dc_trk_aid=564306069;dc_trk_cid=196904775;ord=595770655;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4A42 0
0 10ms
9ms Fetch
image/gif 2404:6800:4003:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpesukjcCcQ_DKIxIwUtJnaoa-E5JUe5xIOOkxYIywdfJpNwOrm61xvwJJPNUX66RcXYs40IhVcfE8qEbC3onE3z9SVm28EpdNoq3fV9IKioeHws0sOaLMxhY7J-Fv2nbTSfBjqo0QnWKN98P5n01Nzqx_v8Awi0BKeV8lXBxdEZRccCPtIH0-i7KhqPwRM1s2Ahbttut8SQnyn3scqC0PSbsVCzJM-sJdrNJ8UDZkaqoRTxVlxM0qoR-Uk5oYLMtmmzkBbmHH5hHruWYr1Et-SNwkvsexKXo_rfja9TIs8v8xFoHPaEfnuJqcXnjzqeX-J1oV0w&sai=AMfl-YTFFTKQ6n27krZa9A2jItFMbGf0B1UUQG2iqXT_VTpfA8R44kuMw6K2mI5fEJNPYBU_0OzvGvpEIuloBMAe17e-vkRr2jJ9RoiFvaX2CenyN_QVtc8w6eSkefgepcgRFOdVr2j1MCsb2F7XUL_x&sig=Cg0ArKJSzGKRc6yccwpnEAE&uach_m=[UACH]&adurl=

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 4A42 3 KB
2 KB 20ms
5ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 06:07:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 06:07:56 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4A42 181 KB
56 KB 10ms
10ms Script
text/javascript 2404:6800:4003:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 07:35:50 GMT

GET
H2 200 2250222277591747607
tpc.googlesyndication.com/simgad/ Frame 4A42 41 KB
41 KB 20ms
7ms Image
image/gif 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2250222277591747607

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c22dc40c91a025fe9c373dc87b01f334d7de7fcd93f5c8be7ab77233261cf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:02:44 GMT
x-content-type-options: nosniff
age: 1986
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41967
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 15:42:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Sep 2024 07:02:44 GMT

GET
DATA 200
OK truncated
/ Frame 4A42 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0349d05bbde38108259c26c6a765b63ec5484f62db90ef513da5378cdf835a60

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 7054-8828-01.js Show response
t.seedtag.com/t/ 45 KB
14 KB 18ms
15ms Script
application/javascript 104.16.112.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/t/7054-8828-01.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/7054-8828-01.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.112.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41d5ae0ea40a5cd3c07dc9fadbfea4465b63666ffea46cfb9435d651d0cf68a0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 0
etag: W/"b40e-jmaR1Y5lwFRdWhLnrmcwfYissU0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1200
cf-ray: 80148edf69e8a08f-SIN
alt-svc: h3=":443"; ma=86400
expires: Mon, 04 Sep 2023 07:55:50 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DABA 0
0 20ms
8ms Fetch
image/gif 2404:6800:4003:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseIIaiITS3H5Nd-zi8u-Z-lHBxpnEtGP7pfc0WHE4d9BORrmvKR7z5iw3uC0sdnXMLa7aWkrrZJ2CdCf3JJmmATzwrReOriIuUnoBIkehGTTK6LgmlQv7ObG2iY14AI9DW3iIS-GQPIFmu0oFtnlWgO10ZHiFlfuCQi_kbMt6fjNVQvLN5S0z9gvee8JdkB2uxacttITOMu2ORxEYlB1gFSYnBJB37f5FJIpmNXexPW5-xYLUBYsdFvQSy8JQMxRU2FSH5atcmoDAdvUd01ZR620RSNTlvxs1D6Hy1-9YeZiuUOtUFZ5z2L7lYc9-XZlQb-ys&sai=AMfl-YSma-qNa4Vyrd-07bJQztVNSvoBnnyPHluM7T3IfNHy1MshuhuMgDCcdwhoY8HPhep9pEUUZ9uVRcUEKwGjDkrqtYjz8mcBVle-o8n2M0bj-c06iUyPcXBt4VmCL9-axtEbpOM6LA5KLEtmsoDY&sig=Cg0ArKJSzIg16BvV6iRdEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Sep 2023 07:35:50 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4A42 0
0 9ms
9ms Fetch
image/gif 2404:6800:4003:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvm1sFutAOU2zoZnyxgLn1TQsPdvRwGq4vWQGilWLgWxMo0Y9AqAj3RChATbCLvRPNtENx1lsXT0izNQXHpexKiEfRyfKvEP8QyFA5QeYc6K3V2yNOcn_MLKC8UXBlQTNqgIDLc-ZW50YEmkjw470xgvSetT8xgTqoGGKqKmH2chZH4aZB-Vj3huf4fMQMbwbMdftpSXHZahTGzkFuBTADj70lVTAAZbc6mSgHc3kMkm02BzaPBJEMHuKR2JOCV-0aLl0-i_vb3Y7ColCqvCPWyx1Ym625CwQULXuRlxTch5wUKzhgAAjeEVtprZX-Up1pnMET8_WUZ&sai=AMfl-YRIi5arWBaJno8PbEBwzzi_jfSIbK6XPRv6LNO47ZApN9ZxupOPsGtoEx3DqdCZel0YZqhHh29BS2z39F639Cf51WzOetFvrK7VPYiYEuajKaFfhnq5AQe0EvyA9jPNB9624dxINhEx4FpFYkUw&sig=Cg0ArKJSzFiLffijEcwJEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Sep 2023 07:35:50 GMT

GET
H3 200 st_1.b5e617f7098599ff1680.js Show response
t.seedtag.com/c/ 59 KB
18 KB 28ms
28ms Script
application/javascript 104.16.112.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_1.b5e617f7098599ff1680.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/7054-8828-01.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.112.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88f76a04c831251527558db21a76b7b4cb1eee3592fc77318ea17f8f5b57e412

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 69266
x-guploader-uploadid: ADPycdvtE564E7iN_4mRrcjQQ0-Euh9RRb6o0VOUmw3atALMaaPCDpYOrvOtmNPMABg9T_ro7HIAmwx2Vq5lO22pI9wJtA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Sep 2023 12:21:09 GMT
server: cloudflare
etag: W/"fd468ec638d2a9ec80be5cd385a353eb"
vary: Accept-Encoding
x-goog-generation: 1693570869411104
content-type: application/javascript
x-goog-hash: crc32c=eQ/h9g==, md5=/UaOxjjSqeyAvlzThaNT6w==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 17632
cf-ray: 80148edfad393f9e-SIN
expires: Sun, 05 Nov 2023 07:35:51 GMT

GET
H3 200 st_0.fcada515d3e60e68cee7.js Show response
t.seedtag.com/c/ 310 KB
88 KB 32ms
30ms Script
application/javascript 104.16.112.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_0.fcada515d3e60e68cee7.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/7054-8828-01.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.112.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9dbff076b37bfae29e95c8163528884ad70173acc4f129edeb40ead09ee3af1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 69269
x-guploader-uploadid: ADPycdtA4N0rhWC3s27af8KYX0_Ry5fMEWlDUkFisAanwvPNQ15LbOUoHcUlSrdgXuDZg7ifezdxgt87srxiC40I7W8FIyO4bCZO
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Sep 2023 12:21:10 GMT
server: cloudflare
etag: W/"da741a738ae5e882ee309285e11de90a"
vary: Accept-Encoding
x-goog-generation: 1693570870099079
content-type: application/javascript
x-goog-hash: crc32c=ENHxzg==, md5=2nQac4rl6ILuMJKF4R3pCg==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 90935
cf-ray: 80148edfad3c3f9e-SIN
expires: Sun, 05 Nov 2023 07:35:51 GMT

GET
H3 200 st_2.ec169b3f7cb1f103b20d.js Show response
t.seedtag.com/c/ 5 KB
2 KB 22ms
20ms Script
application/javascript 104.16.112.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_2.ec169b3f7cb1f103b20d.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/7054-8828-01.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.112.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c20914598c73335f8ee2f206fa1518982b6a036d392881a3f18701a1f7576ee

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 69269
x-guploader-uploadid: ADPycdupRtmXr_9Jz1-qgaznEKSw_tEkif2xcANLvrqkJ5MBX2nwyCBFum_SSVHnED2iSoZq04JZpe4DcXvMcrbVMfXrQw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Sep 2023 12:21:09 GMT
server: cloudflare
etag: W/"6ffe36812a96467bd9b20a64bb8c5131"
vary: Accept-Encoding
x-goog-generation: 1693570869937012
content-type: application/javascript
x-goog-hash: crc32c=kmUxxA==, md5=b/42gSqWRnvZsgpku4xRMQ==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 1853
cf-ray: 80148edfad3e3f9e-SIN
expires: Sun, 05 Nov 2023 07:35:51 GMT

GET
H3 200 st_3.53793d74f09b3bfb8e19.js Show response
t.seedtag.com/c/ 55 KB
15 KB 24ms
23ms Script
application/javascript 104.16.112.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_3.53793d74f09b3bfb8e19.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/7054-8828-01.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.112.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7409ac422e620496ba8c1b9f9a5f786aaf9f8c1c698b3cf3f97f5667a603a14d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 69266
x-guploader-uploadid: ADPycduznkOxlr_hNIICBAXVRUgOHiKqxudydZHjamwquAb2riX7yIJcUKCPp-exgbG1g1_zM6sftFzoofE1pZSSbL0FZQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Sep 2023 12:21:09 GMT
server: cloudflare
etag: W/"155c0173fd793651200c8404bfa34808"
vary: Accept-Encoding
x-goog-generation: 1693570869806951
content-type: application/javascript
x-goog-hash: crc32c=I2lO1Q==, md5=FVwBc/15NlEgDIQEv6NICA==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 14310
cf-ray: 80148edfad413f9e-SIN
expires: Sun, 05 Nov 2023 07:35:51 GMT

GET
H2 200 / Show response
usergate.globo.com/ 31 B
303 B 1543ms
320ms XHR
text/plain 35.198.44.170
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://usergate.globo.com/
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.198.44.170 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 170.44.198.35.bc.googleusercontent.com
Software: /
Resource Hash: 39071142a3241a4893fcf57fbc949362ced12aa74326a9224142bbcb6c8fc773

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:52 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://gq.globo.com
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Content-Type,Cookie,X-App,GLBID,GST

GET
H2 200 pv Show response
s.seedtag.com/c/ 4 KB
4 KB 210ms
193ms XHR
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/pv?token=7054-8828-01&device=desktop&fullUrl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&cache=1693812951062&v=-&ft=true
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.fcada515d3e60e68cee7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 2a0f282208d7449401593cb7d39d1d5101310844b49a8e8622acdd7052f6ad6c

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 07:35:51 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
etag: W/"1132-72HJHaUbkXZ1SDYPoCJZr1Htdc0"
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gq.globo.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 loader.js Show response
t.seedtag.com/c/ Frame 3F3F 43 KB
14 KB 16ms
16ms Script
application/javascript 104.16.112.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/loader.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/a/29566177.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.112.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32614df45b4c2d2357982f5cdf04a4fbec898e6b997479a954c2ab5fe05dc30c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 1251
x-guploader-uploadid: ADPycdv6VEHwZ1bRGFAjklb1DlaqwZgp9-yAZ6gXBSFq9TYLjZu-RU18grzpnZ3La9r_y2EhWxbpOUmcyd9SIXJWm2U-2A
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Sep 2023 12:21:10 GMT
server: cloudflare
etag: W/"ef63efdd99f36676d38a39858ed9aaed"
vary: Accept-Encoding
x-goog-generation: 1693570870367611
content-type: application/javascript
x-goog-hash: crc32c=mknqJA==, md5=72Pv3ZnzZnbTijmFjtmq7Q==
cache-control: public, max-age=1200
x-goog-stored-content-length: 13485
cf-ray: 80148ee02dfe3f9e-SIN
expires: Mon, 04 Sep 2023 07:55:51 GMT

GET
H2 200 iframe-later-thin-audima.html Show response
audio4.audima.co/ Frame 12A4 2 KB
1 KB 568ms
567ms Document
text/html 2606:4700:3032::6815:1d69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audio4.audima.co/iframe-later-thin-audima.html?skin=thin&statistic=true
Requested by: Host: audio4.audima.co
URL: https://audio4.audima.co/audima-widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:3032::6815:1d69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91146956a08681b891390728895476570291f47d291a590bee602890ad93d0ba

Request headers

Referer: https://gq.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: max-age=14400 public
cf-cache-status: DYNAMIC
cf-ray: 80148ee11e1701f6-SIN
content-encoding: gzip
content-type: text/html
date: Mon, 04 Sep 2023 07:35:51 GMT
expires: Mon, 04 Sep 2023 11:35:51 GMT
last-modified: Fri, 01 Sep 2023 16:40:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YttfMXOPKcNs5t94F6tJKtt5l%2F2gPyDYT4empLy65xWvevYHIhR%2BslKO48KnAV1gcS2b%2Fq%2FEIpGCNPQQ8uJRGGfmNjXLPoCrFjxLg18SQhITafjTc%2F06nxZXQGGzZ1zPto3wBi9GCzloq7jR4MG4"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 st_1.b5e617f7098599ff1680.js Show response
t.seedtag.com/c/ Frame 3F3F 59 KB
18 KB 14ms
13ms Script
application/javascript 104.16.112.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_1.b5e617f7098599ff1680.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/loader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.112.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88f76a04c831251527558db21a76b7b4cb1eee3592fc77318ea17f8f5b57e412

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 69266
x-guploader-uploadid: ADPycdvtE564E7iN_4mRrcjQQ0-Euh9RRb6o0VOUmw3atALMaaPCDpYOrvOtmNPMABg9T_ro7HIAmwx2Vq5lO22pI9wJtA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Sep 2023 12:21:09 GMT
server: cloudflare
etag: W/"fd468ec638d2a9ec80be5cd385a353eb"
vary: Accept-Encoding
x-goog-generation: 1693570869411104
content-type: application/javascript
x-goog-hash: crc32c=eQ/h9g==, md5=/UaOxjjSqeyAvlzThaNT6w==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 17632
cf-ray: 80148ee12f7a3f9e-SIN
expires: Sun, 05 Nov 2023 07:35:51 GMT

GET
H3 200 st_0.fcada515d3e60e68cee7.js Show response
t.seedtag.com/c/ Frame 3F3F 310 KB
88 KB 28ms
26ms Script
application/javascript 104.16.112.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_0.fcada515d3e60e68cee7.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/loader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.112.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9dbff076b37bfae29e95c8163528884ad70173acc4f129edeb40ead09ee3af1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 69269
x-guploader-uploadid: ADPycdtA4N0rhWC3s27af8KYX0_Ry5fMEWlDUkFisAanwvPNQ15LbOUoHcUlSrdgXuDZg7ifezdxgt87srxiC40I7W8FIyO4bCZO
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Sep 2023 12:21:10 GMT
server: cloudflare
etag: W/"da741a738ae5e882ee309285e11de90a"
vary: Accept-Encoding
x-goog-generation: 1693570870099079
content-type: application/javascript
x-goog-hash: crc32c=ENHxzg==, md5=2nQac4rl6ILuMJKF4R3pCg==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 90935
cf-ray: 80148ee12f7b3f9e-SIN
expires: Sun, 05 Nov 2023 07:35:51 GMT

GET
H3 200 st_2.ec169b3f7cb1f103b20d.js Show response
t.seedtag.com/c/ Frame 3F3F 5 KB
2 KB 12ms
11ms Script
application/javascript 104.16.112.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_2.ec169b3f7cb1f103b20d.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/loader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.112.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c20914598c73335f8ee2f206fa1518982b6a036d392881a3f18701a1f7576ee

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 69269
x-guploader-uploadid: ADPycdupRtmXr_9Jz1-qgaznEKSw_tEkif2xcANLvrqkJ5MBX2nwyCBFum_SSVHnED2iSoZq04JZpe4DcXvMcrbVMfXrQw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Sep 2023 12:21:09 GMT
server: cloudflare
etag: W/"6ffe36812a96467bd9b20a64bb8c5131"
vary: Accept-Encoding
x-goog-generation: 1693570869937012
content-type: application/javascript
x-goog-hash: crc32c=kmUxxA==, md5=b/42gSqWRnvZsgpku4xRMQ==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 1853
cf-ray: 80148ee12f7e3f9e-SIN
expires: Sun, 05 Nov 2023 07:35:51 GMT

GET
H3 200 st_4.81826b256f8dfb33fcc0.js Show response
t.seedtag.com/c/ Frame 3F3F 21 KB
7 KB 22ms
21ms Script
application/javascript 104.16.112.121
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_4.81826b256f8dfb33fcc0.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/loader.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.112.121 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22428fb49c21949ab10e6e9dff58fa10edaa9683bd6d0efbb9282c3cdd5583b9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 67845
x-guploader-uploadid: ADPycds2CzShskgdR_UWXO-v6TvgYmMQfvXUEizQz79OqqNa1smMl4K1orLcgy-ZdiNfPlF6YwFyxLsSMfHPeA8vmgAgcaG-YwVv
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Sep 2023 12:21:09 GMT
server: cloudflare
etag: W/"82d2551bc2f8d3d1aec20906ed8603d6"
vary: Accept-Encoding
x-goog-generation: 1693570869615174
content-type: application/javascript
x-goog-hash: crc32c=RFmGxQ==, md5=gtJVG8L409GuwgkG7YYD1g==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 6570
cf-ray: 80148ee12f803f9e-SIN
expires: Sun, 05 Nov 2023 07:35:51 GMT

GET
H2 200 player.min.js Show response
s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/ 2 MB
749 KB 360ms
360ms Script
application/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js
Requested by: Host: p.glbimg.com
URL: https://p.glbimg.com/api/stable/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 76e9616ad8742d347b042af297f16b971caeca721dd09e79fa2ad81e09e1572c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:51 GMT
content-encoding: gzip
x-openstack-request-id: tx159e4430e6254ffca88bb-0064f5837f
last-modified: Wed, 30 Aug 2023 19:10:01 GMT
x-thanos: 0A833014
vary: Accept-Encoding, Origin
x-object-meta-mtime: 1693422443.000000
content-type: application/javascript
x-timestamp: 1693422600.57551
cache-control: public, max-age=3600
x-trans-id: tx159e4430e6254ffca88bb-0064f5837f
x-request-id: 08b8f456-beb3-45ae-930b-858dc43eb741

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F3F 0
0 9ms
8ms Fetch
image/gif 2404:6800:4003:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszgojDUyCOUjn-ulPl8rUObkb5UPtZ_qE1-0viliKoAb1rxTwsooFByZyctO76yHR29HSiopxSInkObdukFAqoVQKb9DTIn-T9SNmdLZb1CC-zQQZEfFbe94CpxTAtqBqLPjBAes9a3q0gRN9Zg78LH7OUJlRfyNSmH11JogYerDLVOWsRAtHXyvltJ1glxpMmmMwrEAUGt67_KWY_zgkoihqvxjtV2bPnWF9ps3iWUUtWjQ67KTXtonKfmNxBT88cbfOOjCR4VO5cLms9_-PVutKOtlpD2qhhyon4xkr-kNo_L5WNJa3_GcvWjkL2t7cVIiM0bfE&sai=AMfl-YTF1WrtczpgGAFo6dFwffoYUbIaOaSmhJGp7SCrHL1pbofwu0M-1JuCUnwitCVsdXa3_meTqKOnrMnkM45m-H4PanbXS8Sbt-YtVyOZ8ITmywMRYZzvbUdEvHP_64FLwykT9djHSMnl2rXnjO1E&sig=Cg0ArKJSzCozvQXbB-f7EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Sep 2023 07:35:51 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 665D 22 KB
9 KB 76ms
4ms Script
application/javascript 2620:116:800e:21:a878:7c6e:cf7b:3362
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.fcada515d3e60e68cee7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800e:21:a878:7c6e:cf7b:3362 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:51 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 11 Sep 2023 07:35:51 GMT

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 23 KB
8 KB 21ms
5ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-12765-5/CT-1068
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.fcada515d3e60e68cee7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 40e4951dffea740356de1c800b47ff35a1fac0756b592a4ff5ea9a316b0119b9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 05:54:24 GMT
content-encoding: gzip
via: 1.1 google
age: 6087
x-guploader-uploadid: ADPycdveiqWxgSZ3aEypGJuAHDH48eWAQa6IO05tJdPmOWK6xPmxKWGGMMv7qV7O3Ek7wH0SSv6hHiMzeTMGnOyGLmrkqA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7679
last-modified: Thu, 17 Mar 2022 15:35:15 GMT
server: nginx/1.8.1
etag: "ad2f9abb7bbec08e62cf17d0cc7d9125"
vary: Accept-Encoding
x-goog-generation: 1647531315191220
x-goog-hash: md5=rS+au3u+wI5izxfQzH2RJQ==
content-type: application/javascript
cache-control: max-age=7200,public
x-goog-stored-content-length: 7679
accept-ranges: bytes
expires: Mon, 04 Sep 2023 07:54:24 GMT

GET
H2 200 p
sb.scorecardresearch.com/ 43 B
392 B 153ms
153ms Image
image/gif 3.160.188.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=26817122&c3=$accountId&c7=$currentUrl&c9=$referrerUrl&cv=2.0&cj=1
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.188.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-188-50.mrs52.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:51 GMT
via: 1.1 56b03146829c02df871975da5cf2300e.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: MRS52-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: acURIjOfvcij97NXop_N_2xIikh-T3Rbkfuapp-ayKtCTwHigSeOHA==

POST
H2 200 bid Show response
s.seedtag.com/c/adunit/ Frame 3F3F 4 KB
3 KB 1103ms
1102ms XHR
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/adunit/bid
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.fcada515d3e60e68cee7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 38c2da47101d601fc032750c97d8009c62e5d84606fbdb57709a0424c1b11d34

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 07:35:52 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
etag: W/"f00-SjHvEnrOZO+VdC3pPFbDLd0YQDU"
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gq.globo.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 bid Show response
s.seedtag.com/c/v2/tag/ 99 B
223 B 629ms
628ms XHR
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/v2/tag/bid
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.fcada515d3e60e68cee7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: 44761428f9b21598d8ad84cd4221a869c60c7aba02dd2b2e125c858578ef7b66

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 07:35:51 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
etag: W/"63-Zq7/fuP6F+5v3bbU79cWD6piGOU"
vary: X-HTTP-Method-Override
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gq.globo.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 rules-p-PFW5FesqXn206.js Show response
rules.quantcount.com/ Frame 665D 1 KB
1 KB 450ms
142ms Script
application/javascript 2600:9000:2175:7a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-PFW5FesqXn206.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2175:7a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4ae5a40833ca40f1ded2c820915ccc073b509a5a15810de1566ebf1ee4838e4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:17:15 GMT
content-encoding: gzip
via: 1.1 c06f5d2130689f511352f5187fabf420.cloudfront.net (CloudFront)
x-amz-cf-pop: MRS52-P1
age: 1117
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 15:36:52 GMT
server: AmazonS3
etag: W/"a521a7bf6d17b50bc9827eaad4be8ecc"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: QrSGNXvr1AAPCT_vutHUbk_qRSXI4-t-TECbm8nClE4rY0lXaUhTOw==

GET
H2 200 15688-pbjs-floors.json Show response
ads.rubiconproject.com/floors/ 13 KB
1 KB 121ms
41ms XHR
application/json 23.76.212.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/floors/15688-pbjs-floors.json
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.76.212.194 Hong Kong, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-76-212-194.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: de27fa38bb1628eabeb3a156b37b6ba28179703fe995aa7c01f7ff1924bdf006

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 07:35:51 GMT
content-encoding: gzip
last-modified: Mon, 04 Sep 2023 06:40:43 GMT
server: Apache
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1500
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 1346

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 349ms
173ms XHR
application/json 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230904

Requested by

Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/15688_gq.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

44ea66fbddd5116848cc54810efdbf4c6bed99fc108e3c625e7c2f186dd1db27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 04 Sep 2023 07:35:51 GMT
x-content-type-options: nosniff
content-encoding: br
age: 12900
x-jsd-version: 1.0.1802
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 852
x-served-by: cache-fra-eddf8230103-FRA, cache-maa10248-MAA
x-jsd-version-type: version
etag: W/"63d-DO7zOt78ne9DP33fqjNCE7N3iZA"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
16 KB 502ms
502ms Fetch
text/plain 2404:6800:4003:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2479426184086202&correlator=304895497729061&eid=31076474&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fif&iu_parts=85042905%2Cgq%2Ctecnologia&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90%7C970x250%7C970x150%7C1190x250&ifi=5&didk=3223810204&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Df3d28c06b9898686%3AT%3D1693812950%3ART%3D1693812950%3AS%3DALNI_MbfqVk67WZ-9R8Kp_hAXLZl5TS0Ng&gpic=UID%3D00000c3b429716ed%3AT%3D1693812950%3ART%3D1693812950%3AS%3DALNI_MYTEzGkRbqCWD6mUe-MY7A6Ya7Cwg&arp=1&abxe=1&dt=1693812951498&lmt=1693784151&adxs=205&adys=2553&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&vis=1&psz=1190x-1&msz=1190x-1&fws=4&ohw=1190&psts=AOrYGsmSarXqknJ6HJJuSROoIV3BpW7ba2kI7HfZ9xwY1i81KzSF9EYnGP2pW4gmUBnuPLUohZhClJJTU54LH-xoWOZfuw%2CAOrYGslBsvetCDMKrFogSPKW9zULdwGIPECHVIoD3Vmsc9VwLYTbU9OloleVhKaYH4V32TlxG0Uvvyzv2WvtpiJSv9wQ5g%2CAOrYGskCdzLgQJFzN8kKCoIS85mQhbS8f_0anMRJnoc1TsC1x2lcGq2x1BlFI49QN7r-4kaUvX2VXp1VVHEyPx1f4U9Hhw%2CAOrYGslIfwPLwQUXFDQxARBk7zHkgbbt-dCysaO1_DIlThEj0HqqB3ExbIbZ2NEadHlcdbMWWo2gbU1Ao_SrRBq170V6tg&ga_vid=1120136905.1693812950&ga_sid=1693812950&ga_hid=296211627&ga_fc=false&a3p=EloKDWNyd2RjbnRybC5uZXQSQDMzNjU2NjNlYzBiZWFjNTljMGU2ZTVkYTcyMGExNmQ1MzkzOGZjYWFkNWMyNTlkNzBiNGI4NDJlZTViYmRkY2IY1Y36-KUxSAASGwoMMzNhY3Jvc3MuY29tGMGJ-vilMUgAUgIIZBIZCgpwdWJjaWQub3JnGOeN-vilMUgAUgIIahIXCghydGJob3VzZRi7jPr4pTFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YwYn6-KUxSABSAghkEj4KBW9wZW54EixleUpwSWpvaWVtZGFUWGh5WWtwUmJGTmxaMGx5UmtKNWEwRXhaejA5SW4wPRicjfr4pTFIABIbCgxpZDUtc3luYy5jb20YpY76-KUxSABSAghq&dlt=1693812946827&idt=3361&prev_scp=Editora.pos%3DMiddle%26rc%3Dbanner_materia2_0&cust_params=ambient%3D%26tipo_pagina%3Dmulti-content%26editora.random%3D9%26Editora.url%3Dbrecha-site-acompanhantes-fatal-model-informacoes-pessoais%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1693812950090%26prmtvvid%3D%26prmtvwid%3D&adks=2659365269&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da5ff741ae5ee748ffd67c75fe2c64b981cb6330814b6239f80012a3b3d01309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16358
x-xss-protection: 0
google-lineitem-id: 6364372783
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138443186009
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gq.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
16 KB 504ms
503ms Fetch
text/plain 2404:6800:4003:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2479426184086202&correlator=368952198565354&eid=31076474&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fif&iu_parts=85042905%2Cgq%2Ctecnologia&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90%7C970x250%7C1x1%7C970x150&ifi=6&didk=3740535728&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Df3d28c06b9898686%3AT%3D1693812950%3ART%3D1693812950%3AS%3DALNI_MbfqVk67WZ-9R8Kp_hAXLZl5TS0Ng&gpic=UID%3D00000c3b429716ed%3AT%3D1693812950%3ART%3D1693812950%3AS%3DALNI_MYTEzGkRbqCWD6mUe-MY7A6Ya7Cwg&arp=1&abxe=1&dt=1693812951501&lmt=1693784151&adxs=315&adys=298&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&vis=1&psz=1600x250&msz=1600x0&fws=4&ohw=1600&psts=AOrYGsmSarXqknJ6HJJuSROoIV3BpW7ba2kI7HfZ9xwY1i81KzSF9EYnGP2pW4gmUBnuPLUohZhClJJTU54LH-xoWOZfuw%2CAOrYGslBsvetCDMKrFogSPKW9zULdwGIPECHVIoD3Vmsc9VwLYTbU9OloleVhKaYH4V32TlxG0Uvvyzv2WvtpiJSv9wQ5g%2CAOrYGskCdzLgQJFzN8kKCoIS85mQhbS8f_0anMRJnoc1TsC1x2lcGq2x1BlFI49QN7r-4kaUvX2VXp1VVHEyPx1f4U9Hhw%2CAOrYGslIfwPLwQUXFDQxARBk7zHkgbbt-dCysaO1_DIlThEj0HqqB3ExbIbZ2NEadHlcdbMWWo2gbU1Ao_SrRBq170V6tg&ga_vid=1120136905.1693812950&ga_sid=1693812950&ga_hid=296211627&ga_fc=false&a3p=EloKDWNyd2RjbnRybC5uZXQSQDMzNjU2NjNlYzBiZWFjNTljMGU2ZTVkYTcyMGExNmQ1MzkzOGZjYWFkNWMyNTlkNzBiNGI4NDJlZTViYmRkY2IY1Y36-KUxSAASGwoMMzNhY3Jvc3MuY29tGMGJ-vilMUgAUgIIZBIZCgpwdWJjaWQub3JnGOeN-vilMUgAUgIIahIXCghydGJob3VzZRi7jPr4pTFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YwYn6-KUxSABSAghkEj4KBW9wZW54EixleUpwSWpvaWVtZGFUWGh5WWtwUmJGTmxaMGx5UmtKNWEwRXhaejA5SW4wPRicjfr4pTFIABIbCgxpZDUtc3luYy5jb20YpY76-KUxSABSAghq&dlt=1693812946827&idt=3361&prev_scp=Editora.pos%3DTop%26rc%3Dmc-container-top_0&cust_params=ambient%3D%26tipo_pagina%3Dmulti-content%26editora.random%3D9%26Editora.url%3Dbrecha-site-acompanhantes-fatal-model-informacoes-pessoais%26Info.Entidades%3D%26glb_id%3Dna%26glb_tipo%3Danonimo%26pgv_id%3D%26permutive%3D%26permutive-id%3D%26ptime%3D1693812950090%26prmtvvid%3D%26prmtvwid%3D&adks=1275728416&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee420260003225904493fd72eedfca3cf01fe5dda107b16e70e18eed368d3a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16330
x-xss-protection: 0
google-lineitem-id: 6364372783
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138443186009
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gq.globo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vidoomy-player.js Show response
vpaid.vidoomy.com/player/latest/ 200 KB
66 KB 24ms
3ms Script
application/javascript 2a02:6ea0:d100::13
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Requested by: Host: ads.vidoomy.com
URL: https://ads.vidoomy.com/gq.globo.com_16998.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:d100::13 , Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fb0e6e3e60e186538f4ef71b7d9f2d27b1a68be0f4482b568134c3eb6e431787

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-77-pop: singaporeSG
date: Mon, 04 Sep 2023 07:35:51 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 338546
x-accel-date: 1693474405
x-77-nzt: AVm7oodvBz3/cioFAA
x-accel-expires: @1694511205
last-modified: Thu, 31 Aug 2023 09:33:01 GMT
server: CDN77-Turbo
etag: W/"64f05e4d-32084"
x-77-nzt-ray: a953bd2368f4aef5d788f564c0826b22
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true

GET
H/1.1

200
OK

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=970362189.467729716945714.386808577
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=970362189.467729716945714.386808577
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=528fc541-7a21-468e-865f-9e23c888f546&google_hm=NTI4ZmM1NDEtN2EyMS00NjhlLTg2NWYtOWUyM2M4ODhmNTQ2
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEHfe5Cu3Cn3Sht7gPmYSM_4&google_cver=1&ssp=vidoomy&bsw_param=528fc541-7a21-468e-865f-9e23c888f546
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=528fc541-7a21-468e-865f-9e23c888f546

43 B
650 B

394ms
169ms

Image
image/gif

212.36.83.246
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=528fc541-7a21-468e-865f-9e23c888f546
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: HTTP/1.1
Server: 212.36.83.246 Terrassa, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb2.vdmy.dtic.es
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 07:35:52 GMT
Content-Encoding: none
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 43

Redirect headers

Location: //a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=528fc541-7a21-468e-865f-9e23c888f546
Date: Mon, 04 Sep 2023 07:35:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LM4KHXZC-V-BP7U

43 B
622 B

694ms
182ms

Image
image/gif

212.36.83.246
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LM4KHXZC-V-BP7U
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: HTTP/1.1
Server: 212.36.83.246 Terrassa, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb2.vdmy.dtic.es
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 07:35:52 GMT
Content-Encoding: none
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 43

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LM4KHXZC-V-BP7U
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 808ed95536e7f55d8adbcb9fc76d309d
Expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A001 0
0 9ms
8ms Fetch
image/gif 2404:6800:4003:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvez4SA7rbsgypArrPvIWaxGF78g-b17PqDdM7hPWW0oUShYGMqtFAH0m4j_y9bDLoptxqCjmM5xS5WX6tecp4I6-2DnKqqQEAFOGvkaIXGIvg2vj6_lALCG1yr_IvnX8C0mgCozsSaZg9BlinQSyTOtq_v5U7Be3wyz6nn2vkwGGVfsXuMG-h9bVaLz6LpBySKJjQKo7KIZGtFZMB6vHVPKQ3O9sCOtPkQMMVxR4L1Uw2YSbgSJ1E9pB81r5V9fgMWX62rHUNZ9nVdpd0ANl26tv5A1gbD2ZgDRRE-2_tbmOxj9fGaEeU93pxsESVb_xywP9lqK3k&sai=AMfl-YRFy4CtxwKR9ZJCEjJjkqeiimtMpCbUcrBZewP6v0rMEUQkflA8Joaf9vOORYUwdGotq3qNT1LaV6d0-Nvnj0sM9MfyqGXdKk3D1e55ld6jKeZwuukV42VojEAcDBESa-kiu7FtaiFtVpkTdipE&sig=Cg0ArKJSzCED2DrNCaNWEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Sep 2023 07:35:51 GMT

GET
DATA 200
OK truncated
/ 477 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9a8536bd32bcd9ecba5f08463ea344cfbcf4a2e0c1af51ce14089dcd4dbac51

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 144 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f348c661e980bdadcb9312dcdff1359a4465048061bf224090d75f1a6eaeaa7e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 load.js Show response
pm-widget.taboola.com/editoraglobonetwork/ 13 KB
2 KB 449ms
447ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/editoraglobonetwork/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f542b3b98cad1981a4429a7fca302c9ac09632ae83ff3419ed8ea8ccf3b9295

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: U1YGMS0gZhJYHtoSJ0UYFxgGwsKQYD8s
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 04 Sep 2023 07:35:52 GMT
x-amz-request-id: 3BHSBQ3A2XNEVHN8
age: 3380
x-cache: HIT, HIT
content-length: 2153
x-amz-id-2: 6Lk5u/sonNP8fcw8IT5Uh8XyF7Rp6l/HJ3oKunt3ihavJMtsBsx+JJP9WS9+j9SIuZ3tK1Fhx58=
x-served-by: cache-sjc1000141-SJC, cache-fra-etou8220044-FRA
last-modified: Thu, 27 Apr 2023 10:32:50 GMT
server: AmazonS3
x-timer: S1693812952.873068,VS0,VE156
etag: "408b0d6eadfa9d2b74f5b3bb1332e9cb"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 8, 1

GET
H2 200 impl.20230903-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ 803 KB
166 KB 164ms
163ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230903-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a80eae4454fa66280866a7243d2ea51e927c41af8ba045ade41a03f64d1180fa

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: CuiuU6eMv4WPX.TpIvx1Q1d3yMlp43ER
content-encoding: br
via: 1.1 varnish
date: Mon, 04 Sep 2023 07:35:51 GMT
x-amz-request-id: CFZCR7RN5XFXGMGM
age: 21880
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 170019
x-amz-id-2: xan229zO43t8+XOZmohayDCinP1dv7FtiFIt1M3rFEHbzhpLdozcQ5v7a3rjcEUUMWyRG/pc07A=
x-served-by: cache-fra-etou8220044-FRA
last-modified: Sun, 03 Sep 2023 09:12:15 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693812952.872993,VS0,VE0
etag: "ebfc5e8f71b99d31d408f4b268b3cf64"
vary: Accept-Encoding
content-type: application/javascript
abp: 75
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 50985

GET
H2 200 iframe-thin.css
audio4.audima.co/ Frame 12A4 11 KB
3 KB 257ms
256ms Stylesheet
text/css 2606:4700:3032::6815:1d69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audio4.audima.co/iframe-thin.css
Requested by: Host: audio4.audima.co
URL: https://audio4.audima.co/iframe-later-thin-audima.html?skin=thin&statistic=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:3032::6815:1d69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b058b5c13c357bc541d105899d43e1f2e0786a81b6650c2127dbd669e9fa4e70

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://audio4.audima.co/iframe-later-thin-audima.html?skin=thin&statistic=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Sep 2023 07:35:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 01 Sep 2023 16:40:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64f21404-2a8e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djmEYL%2FeqHfTTLmqCt3a3YV7eeatUmFs6Yq52iqasGy%2BiCW8vJsMagvbQIek%2FKR2F96qiGqjT3fS93Rdq5ntEMfMoNLkO59B8Y68Im7qiSwwoP0ALcNB%2B%2BCiWJuu0myepPCRxg9kImop8PqpZktM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=16070400
cf-ray: 80148ee4c85701f6-SIN
expires: Mon, 04 Sep 2023 10:49:12 GMT

GET
H2 200 all.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ Frame 12A4 69 KB
11 KB 36ms
14ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.css

Requested by

Host: audio4.audima.co
URL: https://audio4.audima.co/iframe-later-thin-audima.html?skin=thin&statistic=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3aab29c60242d216955b101a20e3782f3617eb3a3f819b05ddc458152bf2af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://audio4.audima.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3330175
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10260
last-modified: Thu, 22 Jun 2023 11:02:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a3b-2814"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xD4DVGRXeRnjjYQB3vSaR7ZIz0RDiXLPwp6gObxfaxLQPWrdGt%2FYrQEfBSTcVwAL5ZGkjh%2FHdUKIRnBeaALaR5diAm%2Byj%2FvWdyijB28%2FLx8TqkGnkkpoScUfrbMohBntE%2BFwQhcDJKfOxyNytdJ7dBiy"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80148ee4ee7a1910-SIN
expires: Sat, 24 Aug 2024 07:35:51 GMT

GET
H2 200 audio-tts-player.js Show response
audio4.audima.co/ Frame 12A4 50 KB
16 KB 13ms
12ms Script
application/javascript 2606:4700:3032::6815:1d69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audio4.audima.co/audio-tts-player.js
Requested by: Host: audio4.audima.co
URL: https://audio4.audima.co/iframe-later-thin-audima.html?skin=thin&statistic=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:3032::6815:1d69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4612d7cea0985e7d449aa446530006bb4c91acfd4b2703de36651c54027817a1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://audio4.audima.co/iframe-later-thin-audima.html?skin=thin&statistic=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Sep 2023 07:35:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 01 Sep 2023 16:40:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9100
etag: W/"64f21404-c6dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBbqeAFAf0Gu%2FZQf7BWRCn5JziNUs1zLWRkDcztNOLGyrEFirO0MRMDCHUd00ngRa9LLoOMM4vX4BzS1TlrWM0Znc%2FwQvOTdtHvE23MP9uUiudT9Uusu0akhh0HySFycq%2BENxG6V2XXqqGSmAd6P"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 80148ee4c85901f6-SIN
expires: Mon, 04 Sep 2023 07:15:23 GMT

GET
H2 200 call-init.js Show response
audio4.audima.co/ Frame 12A4 238 B
491 B 12ms
11ms Script
application/javascript 2606:4700:3032::6815:1d69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://audio4.audima.co/call-init.js
Requested by: Host: audio4.audima.co
URL: https://audio4.audima.co/iframe-later-thin-audima.html?skin=thin&statistic=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:3032::6815:1d69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c591e4c4423edcd4c23f7f740a928eb4d3f8cfb4d72d1758e0255d584b74fb9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://audio4.audima.co/iframe-later-thin-audima.html?skin=thin&statistic=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Sep 2023 07:35:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 01 Sep 2023 16:40:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9100
etag: W/"64f21404-ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlAw30pWJOK3DBYB8%2BSxNh8C8879PItTEGwU%2FidmZbhBG8QQ7vmgadrqRgqL48bkZZKCJnH7QiXqEBPVQizdtoHfbRN5NYw8OCr5bvHaP03J7%2BqSKSrAvnBgn1KZZhR%2F5UWyYuxz%2B1uoyyGMSyWY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 80148ee4c85a01f6-SIN
expires: Mon, 04 Sep 2023 08:19:56 GMT

GET
H2 200 pixel;r=1056256988;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml;ref=http...
pixel.quantserve.com/ Frame 665D 35 B
372 B 19ms
6ms Image
image/gif 2620:116:800e:21:a878:7c6e:cf7b:3362
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1056256988;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml;ref=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml;uht=2;fpan=1;fpa=P0-1531790446-1693812951381;pbc=;ns=1;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;d=globo.com;dst=0;et=1693812951834;tzo=-480;ogl=;ses=e56d032f-ff4c-4f25-a065-8c4d4d30d6c1;mdl=

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800e:21:a878:7c6e:cf7b:3362 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

B30382929.372962640;dc_pre=CJDayfq4kIEDFXgXtwAdSocDTA;dc_trk_aid=564306069;dc_trk_cid=196904775;ord=1972249495;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_t... Show response
ad.doubleclick.net/ddm/trackimpj/N1218305.3134731MEDIASERVICEINTE/ Frame EB7E
Redirect Chain

https://ad.doubleclick.net/ddm/trackimpj/N1218305.3134731MEDIASERVICEINTE/B30382929.372962640;dc_trk_aid=564306069;dc_trk_cid=196904775;ord=1972249495;dc_lat=;dc_rdid=;tag_for_child_directed_treatm...
https://ad.doubleclick.net/ddm/trackimpj/N1218305.3134731MEDIASERVICEINTE/B30382929.372962640;dc_pre=CJDayfq4kIEDFXgXtwAdSocDTA;dc_trk_aid=564306069;dc_trk_cid=196904775;ord=1972249495;dc_lat=;dc_r...

16 KB
12 KB

34ms
33ms

Fetch
text/javascript

74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimpj/N1218305.3134731MEDIASERVICEINTE/B30382929.372962640;dc_pre=CJDayfq4kIEDFXgXtwAdSocDTA;dc_trk_aid=564306069;dc_trk_cid=196904775;ord=1972249495;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

cafe /

Resource Hash

bd9635157199fa498f7eb63cc4416bc833b8bf2295378a1089274d64cac05346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11931
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:52 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimpj/N1218305.3134731MEDIASERVICEINTE/B30382929.372962640;dc_pre=CJDayfq4kIEDFXgXtwAdSocDTA;dc_trk_aid=564306069;dc_trk_cid=196904775;ord=1972249495;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EB7E 0
0 15ms
13ms Fetch
image/gif 2404:6800:4003:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0vtBcvxAOMWKRaczzfYPp_UyG65BqzyjpeyVFVvnd44WpxLDJ6KZKDFXbGCGy0LOW1frwxPel80nqLRGgTDmn9cahjckGMq1j8VJ_qarDi5x1F9-nOQEg9aj8EmklpBnNFXHTCzGrl1IekCaglOdWLkrpsvlGkk0fvvk8K3_XI-cce_oGBrJ-Whn2haSdVTKBPAzHdQLrbel1mbWylZNAS6E0HLFhxFiCJTluHI-3RYdgrONPhbGDCcKl8ZeWK7DC4EiZQ4ZgeOXhB9sD699sau6VntbRYMcIQGA_FuG95jKtamArfPZ2sBYlEiRx6999CbG18A&sai=AMfl-YSHSzobnx3sEZgEiJAyik6MYHttJLMGfPr-EGVHGJFTDPMVcPelsbDiAHP4aI-Gz5pke5JKa0tl1CONML4IdnBPnPckH_JjPpcz_3ilmyvLnpt9odszssaEOB-zDRY&sig=Cg0ArKJSzJCdDD_QVxb-EAE&uach_m=[UACH]&adurl=

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame EB7E 3 KB
1 KB 6ms
3ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 06:07:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 06:07:56 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB7E 181 KB
56 KB 7ms
5ms Script
text/javascript 2404:6800:4003:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 07:35:52 GMT

GET
H2 200 4913881377821645574
tpc.googlesyndication.com/simgad/ Frame EB7E 55 KB
56 KB 15ms
14ms Image
image/jpeg 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4913881377821645574

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44f7894a7e93437f545cf63f33553f5f854416c2154b861be597d8ea051ccf13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:52 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56792
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 21:43:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Sep 2024 07:35:52 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame EB7E 0
0 69ms
52ms Image
text/html 2404:6800:4003:c03::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRxgq7j0J4SwzCB8LJQhIRrOVJfdc5C4CZ1pyUJoVpj6qUUO7FEC96GWMosRtUJ51X4-R_LJ9_hakgGo7FP83QHSiuU8A
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c03::63 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H3

200

B30382929.372962640;dc_pre=COWSy_q4kIEDFVIW1Qodwg8ORg;dc_trk_aid=564306069;dc_trk_cid=196904775;ord=672650677;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 Show response
ad.doubleclick.net/ddm/trackimpj/N1218305.3134731MEDIASERVICEINTE/ Frame F2AA
Redirect Chain

https://ad.doubleclick.net/ddm/trackimpj/N1218305.3134731MEDIASERVICEINTE/B30382929.372962640;dc_trk_aid=564306069;dc_trk_cid=196904775;ord=672650677;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimpj/N1218305.3134731MEDIASERVICEINTE/B30382929.372962640;dc_pre=COWSy_q4kIEDFVIW1Qodwg8ORg;dc_trk_aid=564306069;dc_trk_cid=196904775;ord=672650677;dc_lat=;dc_rd...

16 KB
12 KB

32ms
32ms

Fetch
text/javascript

74.125.24.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimpj/N1218305.3134731MEDIASERVICEINTE/B30382929.372962640;dc_pre=COWSy_q4kIEDFVIW1Qodwg8ORg;dc_trk_aid=564306069;dc_trk_cid=196904775;ord=672650677;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Server

74.125.24.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f148.1e100.net

Software

cafe /

Resource Hash

b278d0707c7c9936278e7d2063074ca97ccd8d0350b2b921387bcd295ba2a7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12109
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:52 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimpj/N1218305.3134731MEDIASERVICEINTE/B30382929.372962640;dc_pre=COWSy_q4kIEDFVIW1Qodwg8ORg;dc_trk_aid=564306069;dc_trk_cid=196904775;ord=672650677;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F2AA 0
0 17ms
15ms Fetch
image/gif 2404:6800:4003:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumcLf-t5KjkqiyXwgnWmaNXICfj_KaJjlUs_LAz5cUJ0zQwO8ogXugRcQEfQpF2Tc1ELnVClhgCwN8SO-Yergo6fnn-OpU68jpNKtVF90MWbi7XU_s7tFhwf61errcEpGwLcGHkuisAikCDx5mEly-uhdy19g1gZeTXXuj-TcBBtagCIsaofwK1NWV0AtyWzsvdbAjgKtGj0DQOgTBqrZ2NqZ_8qj-deJQl07_oMmWtApOUWYOFBwlWdP-oBvK8Dw5p96DcJB3LbvnnRD0GJkGxn-lvmxifIFW2MdYk87kTfWWh6lfVS4M1B6pQHKUaMAXBKoXbA&sai=AMfl-YSoECNC84WhkLs3zGBRO85hb9VT-8uQ1guMkXG7mDh7uxDCwYbifDHxWLySkf9W7Oq_yvKW6XNeYDM2o7Cv0dD5n-wujzxJBBb0-QocxhqxgpKo62QiP9OSuDjwcpg&sig=Cg0ArKJSzN5KsLIRuq3dEAE&uach_m=[UACH]&adurl=

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 4913881377821645574
tpc.googlesyndication.com/simgad/ Frame F2AA 55 KB
55 KB 9ms
8ms Image
image/jpeg 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4913881377821645574

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44f7894a7e93437f545cf63f33553f5f854416c2154b861be597d8ea051ccf13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:52 GMT
x-content-type-options: nosniff
age: 0
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56792
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 21:43:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Sep 2024 07:35:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame F2AA 3 KB
1 KB 8ms
7ms Script
text/javascript 2404:6800:4003:c05::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 06:07:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5276
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Sep 2023 06:07:56 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F2AA 181 KB
56 KB 10ms
8ms Script
text/javascript 2404:6800:4003:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693394992224923"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 07:35:52 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F2AA 0
0 54ms
53ms Image
text/html 2404:6800:4003:c03::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQXwJTtW-QE3CtwOJyhdr_9emj0teL7efiF-WXFdxFg1Ga8mv1t_1SVJq0Pwx0hZE4npzp5KI5M4NMtxMGoVHxPtt0fA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c03::63 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame EB7E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63d3cf69c15b7cd3c920edebf2a07ab8b8f8f968aa1d13bb2164e516c5fdaa0b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F2AA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 359e946a6cfa0adc4343b78a4d521d2b7eec07e0d9c2c6f2f99a0f985589907b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css2
fonts.googleapis.com/ Frame 12A4 6 KB
1 KB 20ms
7ms Stylesheet
text/css 2404:6800:4003:c03::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400&display=swap

Requested by

Host: audio4.audima.co
URL: https://audio4.audima.co/iframe-thin.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b0b6da5eebb0023cddb0d5fa35708f6f44bd8e3661da0ea0dfa79b00f3e9229f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://audio4.audima.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Sep 2023 07:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 07:01:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Sep 2023 07:35:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame EB7E 0
0 8ms
8ms Fetch
image/gif 2404:6800:4003:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHH7wkgTBoCvHitNvIUEY4CpfTxlxSzQM2Abph6Q3mg8cYQLpdHY5WP7S4coWownZE2VYnVonIdBwlfDlv1oEoDSRVhIDO8jHmVH7OKzwmSBa4jjorNUydFs-RjzLUsf6RtLFRKd99tN2HjsMIe4hYWuWJHFVZRhsTkfFsezKy6GbB7MQ9VPqlR3PK6SUVYzF29fmGVLoMVA7t5zRktqsSCY3g_gxosMYDdA22I1vpF3Pc4kIB7TIvCglrznuePiO8XLoWbjf_biEnoFGHlH90fvRMfZdooJDOtD3L32vgIWNCE_vVw41ixmXAqXCzHMJZykh2gC81&sai=AMfl-YQMdA8_TDaGxMnd0KZ_8W8E4-32dYALCe7eFdPft5kZAGRmTDOSY2AD53L4WNL6KQMqhUvNeND2p_2--LsEW3wQ3Fg1mnuGDQIEXRBtwrygu-OenF4NHXTtmqyUIXw&sig=Cg0ArKJSzDGupT9d5ZzPEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Sep 2023 07:35:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F2AA 0
0 9ms
9ms Fetch
image/gif 2404:6800:4003:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNptuCpbVrNfK51bN1V_q6h3XIzPQWDAArAFPTIRSuNbdKGrIGtU4sm4ngrdYXOJr2iFNM-0d2rTRfD0knX5qxUFm7OO8nZYhphIq5eWE9wfqy9L5LQqtmHg4vR-MqlOpYk2h4hC4uCzSSy6DfAqYt2W8ac59fvkDAgdUDtfuwa5t0qN8lzaIjkZ9ox-sS1tGWhvMOtZKcG8UX-Rc4xa-gbSlFk_6CuIqf9LWGogYy_-iE0Rs0_7FCoE548WhSEzdn2ngCgr3BH3X_JLeayVShPwTIkGElsGlP6RUMmBpFyKkk182LRq44qdA5N6sA2EErBEAqt8Bs&sai=AMfl-YQZ8l_Y3pqFzJQd8_VFTMkNPK4CCdkUo7SF-7jB4gfJb5F6f2WW34TpOTBqYHHeDF1U5Ms3aos3QE4nJGuw56y06ZpqjfIbQCAuRfx85hHvvB48CCjW_Ly7fFxpvu8&sig=Cg0ArKJSzEdwil9rYflIEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Sep 2023 07:35:52 GMT

GET
H2 200 14b4cd5918353a1eef4399dda8a82889.svg
audio4.audima.co/img/ Frame 12A4 434 B
633 B 263ms
261ms Image
image/svg+xml 2606:4700:3032::6815:1d69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://audio4.audima.co/img/14b4cd5918353a1eef4399dda8a82889.svg
Requested by: Host: audio4.audima.co
URL: https://audio4.audima.co/iframe-thin.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:3032::6815:1d69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a0581fe6f48fa98de44bb78ffcc63cf71130a7a6352ce1a44ecfd48c5375e6a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://audio4.audima.co/iframe-thin.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Sep 2023 07:35:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 01 Sep 2023 16:40:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64f21403-1b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqc%2BmtFaY0TkbfLureEJG5llkwcbA%2BXdCQ2zT1MvHnDcoDUAgmdAAHKFWiI04o1fg8M0OdX8%2BcRJOm%2Bh8W6mAj6PWao9wOi%2BaUqOFBr1KTbKYyBixFxsl25FuV%2BEGtJJkGlMAXJADe9uBwcHKH96"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=16070400
cf-ray: 80148ee6e99b01f6-SIN
expires: Mon, 04 Sep 2023 07:38:23 GMT

GET
H2 200 535308d8f2af97fc03b61ad2de3c26b7.png
audio4.audima.co/img/ Frame 12A4 2 KB
3 KB 258ms
256ms Image
image/png 2606:4700:3032::6815:1d69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://audio4.audima.co/img/535308d8f2af97fc03b61ad2de3c26b7.png
Requested by: Host: audio4.audima.co
URL: https://audio4.audima.co/iframe-thin.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:3032::6815:1d69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ad12268da77c77a50ec33f5771a9ef64d33d53335c03a23b3d459be4544b5c2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://audio4.audima.co/iframe-thin.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Sep 2023 07:35:52 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Sep 2023 16:40:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64f21403-952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZib%2BIs0vrRJkdTs9%2F%2FDJNq87l2PlZbrHodZR1xnMqzysV0K0YkH0fJytDDk%2BS%2Bl5LNPbV1XnimIgP%2BgqZ%2BWcTXtqBJJYlV5Y2lNomVVgMiwB2eFYhocTV8umsyiZCoYFkfuSE3X%2BYcethRxc4FW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 80148ee6e99f01f6-SIN
content-length: 2386
expires: Mon, 04 Sep 2023 10:56:43 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 12A4 47 KB
48 KB 16ms
5ms Font
font/woff2 2404:6800:4003:c1c::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://audio4.audima.co
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:41:37 GMT
x-content-type-options: nosniff
age: 464055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Aug 2024 22:41:37 GMT

GET
H2 200 pmk-20220605.12.js Show response
pm-widget.taboola.com/editoraglobonetwork/ 109 KB
30 KB 528ms
528ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/editoraglobonetwork/pmk-20220605.12.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/editoraglobonetwork/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f6b20999bd2a94f2129771aea3c4d9d2098c882633a1e08a14d6b8f9ef49b5ee

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: hGDJ320XmrVzlk_tBEkU_GyOXLqd95OQ
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Mon, 04 Sep 2023 07:35:52 GMT
x-amz-request-id: HJT9RY01YWRVVME7
age: 2917276
x-cache: HIT, HIT
content-length: 30549
x-amz-id-2: Lqq6B1VUSASE6pjzXtugdVPtfCItI+n71PbToM50C0jTEQHJtw77fVTLRZXw8s28fXkZQscaXR8=
x-served-by: cache-sjc1000128-SJC, cache-fra-etou8220044-FRA
last-modified: Thu, 27 Apr 2023 10:32:49 GMT
server: AmazonS3
x-timer: S1693812952.391332,VS0,VE0
etag: "28d0d120bcbb2938f74c069dfb7e9df8"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 19346, 35

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 356 KB
123 KB 20ms
7ms Script
text/javascript 2404:6800:4003:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_e1b09a2d222b4900a437a46914be81e5/web/player/stable/player.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc64f649adfa3906a1b2067dcb6eba81b1b28c474cb1376ffd3d0ab9e6c71842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125515
x-xss-protection: 0
expires: Mon, 04 Sep 2023 07:35:52 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 236 KB
82 KB 19ms
19ms Script
application/javascript 2404:6800:4003:c02::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-1ZN2PMPQGQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP5C9ZV

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c02::61 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b8b076272071919317015839086514ea77ec90a3a30b7d9b587b4765576e965f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83714
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 04 Sep 2023 07:35:52 GMT

GET
H2 200 get Show response
aws.vidoomy.com/api/adserver/ad/ 6 KB
6 KB 881ms
556ms XHR
application/json 54.93.143.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aws.vidoomy.com/api/adserver/ad/get?domain=globo.com&format=1&u=396421bb-e8c3-445c-8f9a-7e9a25886d15&zoneId=21485&loop=0&callType=&pversion=1.3.1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.143.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-143-127.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44525360034bd6482d92040efda9258e2389b623d79789a36f2605b5967b9978

Request headers

Referer: https://gq.globo.com/
vidoomy-brandlift: W10=
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type: application/json
access-control-allow-origin: https://gq.globo.com
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
x-vd-c: 0
access-control-allow-headers: *
content-length: 5994

OPTIONS
H2 200 get
aws.vidoomy.com/api/adserver/ad/ Frame 0
0 592ms
170ms Preflight 54.93.143.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aws.vidoomy.com/api/adserver/ad/get?domain=globo.com&format=1&u=396421bb-e8c3-445c-8f9a-7e9a25886d15&zoneId=21485&loop=0&callType=&pversion=1.3.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.143.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-143-127.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: vidoomy-brandlift
Access-Control-Request-Method: GET
Origin: https://gq.globo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: vidoomy-brandlift
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
access-control-allow-origin: https://gq.globo.com
access-control-expose-headers: X-VD-C
content-length: 0
date: Mon, 04 Sep 2023 07:35:53 GMT

POST
H2 404 gq
horizon-track.globo.com/event/ 0
0 741ms
230ms Ping
text/html 35.211.79.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://horizon-track.globo.com/event/gq
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d2bdc2678d18edab60e99f79608e5acb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.211.79.33 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 33.79.211.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryt6os3iNjujpjDDAo

Response headers

POST
H2 204 collect
www.google-analytics.com/g/ 0
252 B 16ms
5ms Ping
text/plain 2404:6800:4003:c03::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-1ZN2PMPQGQ&gtm=45je38u0&_p=296211627&cid=1120136905.1693812950&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&uid=818712021714011611130&sid=1693812952&sct=1&seg=0&dl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&dt=Especialista%20aponta%20brecha%20de%20seguran%C3%A7a%20em%20site%20de%20acompanhante%2C%20que%20nega%20vazamento%20de%20dados%20%7C%20Tecnologia%20%7C%20GQ&en=page_view&_fv=1&_ss=1&up.user_code=818712021714011611130&up.user_code_provider=anonymous
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-1ZN2PMPQGQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c03::8b , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gq.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 callback.min.js Show response
s3.glbimg.com/v1/AUTH_05f06ca986b54d6e9c5df94927ccf7fc/libs/globoid-js/prod/ Frame EFDB 87 KB
34 KB 361ms
361ms Script
text/html 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_05f06ca986b54d6e9c5df94927ccf7fc/libs/globoid-js/prod/callback.min.js
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/login-callback.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: b9f6160b7ea7d0645d6201d24919b7289061f8d021e3c245ad5dd7b00ec66ff2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:52 GMT
content-encoding: gzip
x-openstack-request-id: txd232e898fc7b46eea0f7c-0064f588c4
last-modified: Thu, 01 Apr 2021 19:16:32 GMT
x-thanos: 0A833014
vary: Accept-Encoding, Origin
content-type: text/html
x-timestamp: 1617304591.88878
cache-control: public, max-age=180
x-trans-id: txd232e898fc7b46eea0f7c-0064f588c4
x-request-id: a8e6e4f8-e8ef-4135-955d-372008498ef6

GET
H2 200 1.tiny.js Show response
static.infoglobo.com.br/paywall/js/ 27 KB
5 KB 325ms
325ms Script
application/javascript 34.151.224.123
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/1.tiny.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.151.224.123 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 123.224.151.34.bc.googleusercontent.com
Software: /
Resource Hash: 991a381656f42dde3845dbda5248792ed6fcf745f8b4fac111d5fff8c44dad98

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-location-rule: static - tiny.js
date: Mon, 04 Sep 2023 07:35:52 GMT
content-encoding: gzip
x-proxy-cache: HIT
last-modified: Wed, 23 Aug 2023 12:55:13 GMT
x-cache-status: HIT
x-served-from: infoglobo-router-gcp, shared-cache
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
supportspointer: true
cache-control: max-age=600
charset: utf-8
x-request-id: c9917035a9622d4a8a6d4417df87ee1c
expires: Wed, 30 Aug 2023 22:32:44 GMT

GET
H2 200 18.tiny.js Show response
static.infoglobo.com.br/paywall/js/ 6 KB
2 KB 344ms
343ms Script
application/javascript 34.151.224.123
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/18.tiny.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.151.224.123 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 123.224.151.34.bc.googleusercontent.com
Software: /
Resource Hash: 480627cc3006d6707a2ab75bb8eaf6b9c0624630be65a2c1e03f5a617c8388b3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-location-rule: static - tiny.js
date: Mon, 04 Sep 2023 07:35:52 GMT
content-encoding: gzip
x-proxy-cache: HIT
last-modified: Wed, 23 Aug 2023 12:55:20 GMT
x-cache-status: HIT
x-served-from: infoglobo-router-gcp, shared-cache
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
supportspointer: true
cache-control: max-age=600
charset: utf-8
x-request-id: 43519d888861898121b0a99ff4d91733
expires: Wed, 30 Aug 2023 22:32:44 GMT

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 4 KB
1 KB 39ms
16ms Script
application/javascript 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=VnaP3rYVKc

Requested by

Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3d802214cdaf6276aa13b5b161820bbc80660cf9429124233334b07a2d7978e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
date: Mon, 04 Sep 2023 07:35:52 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 04 Sep 2023 07:13:49 GMT
server: cloudflare
age: 1323
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 80148eeaf9aa4021-SIN
alt-svc: h3=":443"; ma=86400
x-request-id: qf1659gy9r
expires: Mon, 04 Sep 2023 08:05:52 GMT

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 354 KB
105 KB 62ms
54ms Script
application/javascript 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=VnaP3rYVKc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e6a96a5c44280be459bea9abf1ffdcac5152092503f964b4ef07386c06de81d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:52 GMT
x-amz-version-id: DTnwwfvkYT1nFi6qpf4yYmvanc3Uak_W
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=86400; includeSubDomains
x-amz-request-id: WGEWKWNEKRG9THW3
age: 2371
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
x-amz-id-2: pQVm5ehAnvJlJCUMm21Azuw0Z83hfmg1AkwefWMLW2xziKuRVKrYP3svlJVhkTyjRZgRvziXjyA=
last-modified: Wed, 30 Aug 2023 09:20:33 GMT
server: cloudflare
etag: W/"12c089469652b19e50bbda71ab9c865a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 80148eeb29f54021-SIN
expires: Mon, 04 Sep 2023 11:35:52 GMT

GET
H2 200 card-interference-detector.20230903-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
3 KB 163ms
163ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/card-interference-detector.20230903-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fddc395c4c2acfbafa362ee5b9d932440a65f7c787fb13e6fab92b107305a218

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: 9YKzbgVqM1.f.Xi.kryHViQC72KdeAub
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 07:35:52 GMT
x-amz-request-id: 4CJRZ2E31F3WQCB5
age: 68979
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2181
x-amz-id-2: HuX/AglZi1uipl6kB0RsoBBqRwGZWoODVrjtXWL5jcmgOz5r7VXqs9262OFqRqz2rhBXFe+DgXg=
x-served-by: cache-fra-etou8220044-FRA
last-modified: Sun, 03 Sep 2023 12:26:14 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693812953.956574,VS0,VE0
etag: "fcd1e76ed217398006e1e67e96b7a29b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 18
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 47210

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 23 KB
6 KB 37ms
7ms Script
application/x-javascript 2600:1417:3f:bbd::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1417:3f:bbd::268b , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8774018c1144b86e36ee08be52ead31829085c7f81669101e728e6d3edc9b18b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 07:35:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Aug 2023 09:25:23 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6042
Expires: Mon, 04 Sep 2023 08:35:52 GMT

POST
H2 200 execute Show response
c2.piano.io/xbuilder/experience/ 12 KB
4 KB 283ms
263ms XHR
application/json 2606:4700::6811:c276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=VnaP3rYVKc

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f84ea58f017b150e18a4d6be42baa500dec5c56cc6d9749fe6f7bf6ea4b56621

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
x-request-id: 51cjfpeot5
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://gq.globo.com
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 80148eebecbe4816-SIN

GET
H2 200 tm13574.js Show response
tag.navdmp.com/ 17 KB
6 KB 31ms
10ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm13574.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/gq/prod/lib-pub-ext-tags-gq-latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1acaf1b84c7c6a5a7ae96e4b9cce92c540c0c8ebbb0e56f8ff473917e2e9a72

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Sep 2021 18:45:04 GMT
server: cloudflare
age: 3544
etag: W/"6137b330-4291"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 80148eebf979a059-SIN
expires: Mon, 04 Sep 2023 07:36:47 GMT

GET
H2 200 dmp.min.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/dmp/ 5 KB
3 KB 358ms
356ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/dmp/dmp.min.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/gq/prod/lib-pub-ext-tags-gq-latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 188ad1f5f1635b83df77cd27805c09bf37ec353c01f8bd731c8624612f28f353

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: gzip
x-openstack-request-id: txc8187937de7d466aa4a76-0064f57250
last-modified: Fri, 16 Jun 2023 12:31:17 GMT
x-thanos: 0A833014
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1686918676.85556
cache-control: max-age=18000
x-trans-id: txc8187937de7d466aa4a76-0064f57250
x-request-id: c54858a8-ad4a-496e-aa1a-f23ef0815d26

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 64 KB
11 KB 10ms
6ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-12842-2/CT-1047
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_c5e7bdb51ae341ef87ff71259dd7b39f/libs/lib-pub-external-tags/gq/prod/lib-pub-ext-tags-gq-latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 775807392af29b7a91f1217ab6ed717ba35baaa024bdccc9273321f54ab51bb4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:01:52 GMT
content-encoding: gzip
via: 1.1 google
age: 2040
x-guploader-uploadid: ADPycds1ncT-bn2GyCaOW20D04XAr5meKEGBnb1bJ9U3bIwI1mODkR6awvRDJvRtVE9Hv_Ai6XpoOMFILfm5u5jUx_DXY4e7sdT6
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11157
last-modified: Wed, 16 Feb 2022 19:26:59 GMT
server: nginx/1.8.1
etag: "7baa2c88b7abc79944366989908f0a4f"
vary: Accept-Encoding
x-goog-generation: 1645039619237034
x-goog-hash: md5=e6osiLerx5lENmmJkI8KTw==
content-type: application/javascript
cache-control: max-age=7200,public
x-goog-stored-content-length: 11157
accept-ranges: bytes
expires: Mon, 04 Sep 2023 09:01:52 GMT

GET
H2 200 / Show response
usergate.globo.com/ 33 B
304 B 323ms
322ms Fetch
text/plain 35.198.44.170
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://usergate.globo.com/
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-analytics/prod/lib-analytics-latest.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.198.44.170 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 170.44.198.35.bc.googleusercontent.com
Software: /
Resource Hash: 3264f08febfa6c7ec9954cf2698381e52403f77df60d81f9692946cb19b1f347

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://gq.globo.com
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Content-Type,Cookie,X-App,GLBID,GST

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 6 KB
1007 B 12ms
12ms Fetch
application/json 2404:6800:4003:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config

Requested by

Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_acd8438fd650434baa93efc372c066a1/libs/lib-analytics/prod/lib-analytics-latest.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c00::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6d1e9b2162b5b088943376a26a39da5be39d85ed9ea15fa62768b0aa5096877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 982
x-xss-protection: 0
expires: Mon, 04 Sep 2023 07:35:52 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 110 KB
36 KB 8ms
8ms Script
application/x-javascript 2600:1417:3f:bbd::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1417:3f:bbd::268b , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4519a12c51938d44b6fb70c1c57f26ae4ba71628d07c9642703a7eda5276307e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 07:35:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Aug 2023 09:15:09 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36535
Expires: Mon, 04 Sep 2023 08:35:53 GMT

GET
H2 200 tm46169.js Show response
tag.navdmp.com/ 12 KB
4 KB 16ms
16ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm46169.js
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a798741ab5d1da30eb26d38311b6249de94034ccc610268901ef633098ad3e3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Sep 2021 18:45:04 GMT
server: cloudflare
age: 2807
etag: W/"6137b330-2e58"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 80148eec49c0a059-SIN
expires: Mon, 04 Sep 2023 07:49:06 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 77 B
289 B 246ms
239ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=13574&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54c8caf6db6a934dc4e8f659b245989e2c6ad17350e30afd506164c9773ba36d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 80148eec59d1a059-SIN
expires: Mon, 04 Sep 2023 08:35:53 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 77 B
239 B 231ms
230ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=46169&upd=1&new=1&wst=0&wct=1&dsy=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm46169.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc75a88627a2cdb49e6667a5f45758f17c0ef8bdbe028c72aadff5b2b5255a9d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: public
date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 80148eec69f4a059-SIN
expires: Mon, 04 Sep 2023 08:35:53 GMT

POST
H3 204 ev Show response
s.seedtag.com/e/ 0
14 B 235ms
225ms XHR
text/plain 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/e/ev
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.fcada515d3e60e68cee7.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
via: 1.1 google
server: openresty
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin: https://gq.globo.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 advertising.js Show response
www.npttech.com/ 6 KB
3 KB 37ms
17ms Script
application/javascript 2606:4700:e2::ac40:8f26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/1.tiny.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8f26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
x-amz-version-id: AqISHxpKTQvORh8RqBdMoHK.Vq6tURDV
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2D75NNJP0XKSZNW3
age: 4828
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 7xD7GwR5UkLGVivje2pDHiSCYaVvq0saGJ7OEqQHm/HMnkTKSZ2N0A0FCMNfS4P6Ht9XlNOpk+s=
last-modified: Tue, 18 Oct 2022 13:20:01 GMT
server: cloudflare
etag: W/"df0e1827cd8f289a645f38d8fecaf6e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7e4o4dA7hS4HqeDinsjcvfKVFlLtO5DTAZ6GxOqorJQEUQLoNeehnxYZc8nJt10sn3fF9mhh1OpjRQYji2MlmPJyT1Jc9Rv1xlnDQE%2Fuvbl%2FhxF%2F5zInPMqD0ZzyY%2FFIR%2FteL9oL5UfNPJDzERE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=28800
cf-ray: 80148eed085fa3cf-SIN

POST
H2 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 586 B
434 B 1102ms
1079ms XHR
application/json 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=VnaP3rYVKc

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9a1fc72c717b4f857dc43024da35c73c329c89ef056dc55c0d24ab607dff5da

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 04 Sep 2023 07:35:54 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: Mufag0snRHj
pragma: no-cache
wn: prod-dash-10-0-95-91
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
server-time: 0.008
cache-control: no-cache, no-store, must-revalidate
cf-ray: 80148eedcea63ddc-SIN
expires: 0

GET
H2 200 cacheableShow Show response
buy.tinypass.com/checkout/template/ Frame D6C8 7 KB
3 KB 284ms
278ms Document
text/html 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT3B0FT6TYY6&templateVariantId=OTVMF8V02U8PS&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_91405f7498079174c486-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd4578fd06ef073a255a3725ccd51ad3b356d29ce4b2e3dc536747a3c149d2cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://gq.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=900
cf-cache-status: MISS
cf-ray: 80148eedbd0e4021-SIN
content-encoding: br
content-type: text/html;charset=UTF-8
date: Mon, 04 Sep 2023 07:35:53 GMT
expires: Mon, 04 Sep 2023 07:50:53 GMT
last-modified: Mon, 04 Sep 2023 07:35:53 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server: cloudflare
server-time: 0.007
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-87-33
x-forwarded-https: on
x-request-id: Mtfag0sc8LD
x-xss-protection: 0

POST
H2 200 loadTemplateContext Show response
buy.tinypass.com/api/v3/anon/template/ 586 B
661 B 302ms
285ms XHR
application/json 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/template/loadTemplateContext?aid=VnaP3rYVKc

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c5119771775c9659600bd1bd5910143cd16bfa92268a52087e46fb8642f0725

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: Mtfag0s2E0R
pragma: no-cache
wn: prod-dash-10-0-95-91
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
server-time: 0.012
cache-control: no-cache, no-store, must-revalidate
cf-ray: 80148eedceab3ddc-SIN
expires: 0

GET
H2 200 cacheableShow Show response
buy.tinypass.com/checkout/template/ Frame 66A8 7 KB
3 KB 275ms
273ms Document
text/html 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT7RJ0Y2KLJG&templateVariantId=OTVR67Y8KMQCH&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_9abf8fbe7848772ffad6-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daa088cdfbd2777ad43e4fdcd58fe03355d1e20d1f474e2c57c529c5329740b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://gq.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=900
cf-cache-status: MISS
cf-ray: 80148eedbd154021-SIN
content-encoding: br
content-type: text/html;charset=UTF-8
date: Mon, 04 Sep 2023 07:35:53 GMT
expires: Mon, 04 Sep 2023 07:50:53 GMT
last-modified: Mon, 04 Sep 2023 07:35:53 GMT
p3p: CP="NON DSP COR OUR IND"
pragma
server: cloudflare
server-time: 0.007
strict-transport-security: max-age=86400; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-87-33
x-forwarded-https: on
x-request-id: Mtfag0szuoo
x-xss-protection: 0

GET
H2 200 7.tiny.js Show response
static.infoglobo.com.br/paywall/js/ 4 KB
2 KB 332ms
332ms Script
application/javascript 34.151.224.123
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.infoglobo.com.br/paywall/js/7.tiny.js
Requested by: Host: static.infoglobo.com.br
URL: https://static.infoglobo.com.br/paywall/js/tiny.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.151.224.123 São Paulo, Brazil, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 123.224.151.34.bc.googleusercontent.com
Software: /
Resource Hash: 91a8e177e6acd450d41daa32eacee2b3acb9740f762f266d5974dd8211c34a28

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-location-rule: static - tiny.js
date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: gzip
x-proxy-cache: HIT
last-modified: Wed, 23 Aug 2023 12:55:30 GMT
x-cache-status: HIT
x-served-from: infoglobo-router-gcp, shared-cache
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
supportspointer: true
cache-control: max-age=600
charset: utf-8
x-request-id: 9f3f711316b5de0f48fdff5ecae69173
expires: Wed, 30 Aug 2023 22:32:46 GMT

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame 0219 672 B
747 B 7ms
7ms Document
text/html 2600:1417:3f:bbd::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1417:3f:bbd::268b , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 72e60b6eb3be9d5d931fdeb84475759aa558145f9a848f1804423f5b1e611ecc

Request headers

Referer: https://gq.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 377
Content-Type: text/html
Date: Mon, 04 Sep 2023 07:35:53 GMT
Expires: Thu, 14 Sep 2023 07:35:53 GMT
Last-Modified: Wed, 02 Aug 2023 12:14:52 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
77 B 228ms
222ms Script
application/x-javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=13449a5ff8f88e73517dd77f7910&acc=13574&url=https%3A//gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&tit=Especialista%20aponta%20brecha%20de%20seguran%E7a%20em%20site%20de%20acompanhante%2C%20que%20nega%20vazamento%20de%20dados%20%7C%20Tecnologia%20%7C%20GQ&h1=Especialista%20aponta%20brecha%20de%20seguran%E7a%20em%20site%20de%20acompanhante%2C%20que%20nega%20vazamento%20de%20dados
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 80148eeddb73a059-SIN
content-length: 6
content-type: application/x-javascript

GET
H2 204 usermatch.gif Show response
beacon.krxd.net/ 0
338 B 629ms
205ms Script
text/plain 52.27.26.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/usermatch.gif?partner=navegg&partner_uid=13449a5ff8f88e73517dd77f7910
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm13574.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.27.26.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-27-26-215.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-served-by: beacon-n015-pdx-prod.krxd.net
date: Mon, 04 Sep 2023 07:35:53 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1693812953
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame 0219 110 KB
36 KB 8ms
8ms Script
application/x-javascript 2600:1417:3f:bbd::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1417:3f:bbd::268b , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 09297072c7827d311cfb9199dc4a055ad04f737857954c567957d67f13512a47

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 07:35:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Aug 2023 09:15:09 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36535
Expires: Mon, 04 Sep 2023 08:35:53 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
57 B 229ms
228ms Script
application/x-javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=13449a4172354427be86a13da410&acc=46169&tit=Especialista%20aponta%20brecha%20de%20seguran%E7a%20em%20site%20de%20acompanhante%2C%20que%20nega%20vazamento%20de%20dados%20%7C%20Tecnologia%20%7C%20GQ
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm46169.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 80148eedeb7ca059-SIN
content-length: 6
content-type: application/x-javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 4ms
3ms Script
text/javascript 2404:6800:4003:c03::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WP5C9ZV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::8b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 04 Sep 2023 05:51:25 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6268
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 04 Sep 2023 07:51:25 GMT

GET
H2 200 horizon-common-hit.js Show response
s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/ 45 KB
15 KB 358ms
358ms Script
text/javascript 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: 6fc8c519813ae69ffb5c95d87821ffbc940db1a1a2070bdbfed21d0e53fc4991

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: gzip
x-openstack-request-id: tx38e8472cde5045b89a2d1-0064f5886b
last-modified: Tue, 27 Jun 2023 00:08:13 GMT
x-thanos: 0A833014
vary: Accept-Encoding, Origin
content-type: text/javascript
x-timestamp: 1687824492.72874
cache-control: public, max-age=180
x-trans-id: tx38e8472cde5045b89a2d1-0064f5886b
x-request-id: 840e43ed-d337-45c1-b7f7-aa63a0824614

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame 0219 47 B
637 B 530ms
175ms Script
text/javascript 147.75.95.77
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.95.77 Tokyo, Japan, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: c076ccfc483015d469eb6782603ea15a8d0d4e4da66c237698ece246b6c3183c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
last-modified: Sat, 04 Mar 2023 07:35:53 GMT
server: Jetty(9.4.28.v20200408)
etag: 19eeihezrc61915cvevnq9rhwr
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: text/javascript;charset=utf-8
cache-control: private, proxy-revalidate
content-length: 47
expires: Wed, 04 Sep 2024 07:35:53 GMT

POST
H3 204 e Show response
s.seedtag.com/e/ Frame 3F3F 0
14 B 191ms
191ms XHR
text/plain 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/e/e
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.fcada515d3e60e68cee7.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
via: 1.1 google
server: openresty
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin: https://gq.globo.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 78 B
440 B 20ms
7ms XHR
application/json 2404:6800:4003:c0f::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::64 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc2c90a5d930389c9e3f9932904bf42c135e876a072fc08d023544ba7f539186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://gq.globo.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97
x-xss-protection: 0

GET
H2 200 d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js Show response
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/ 1 MB
305 KB 56ms
34ms Script
application/javascript 2606:4700:4400::6812:29aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/dmp/dmp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:29aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cdfd76c7fbabcb9a4b57635c7dcacd7c878b9c5f0ecd60a61e4fe42323b6e3b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: d39f98ec-9259-4f8b-896d-7ab58be1f900
age: 0
x-guploader-uploadid: ADPycdtLVXSrM66MDUrAYPznN3bORCeFxcryNdhHmMqZzE1U6ljYQcF5wssr8K5xsdbPJGpqAOfALMFeJ5tVZeS30yClbc9WVSOP
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Sun, 03 Sep 2023 17:07:48 GMT
server: cloudflare
etag: W/"ec0b368c7b51ed009d519bf3c9abcbbc"
vary: Accept-Encoding
x-goog-generation: 1693760868471487
content-type: application/javascript
x-goog-hash: crc32c=ty6qcg==, md5=7As2jHtR7QCdUZvzyavLvA==
cache-control: public, max-age=900
x-goog-stored-content-length: 328707
timing-allow-origin: *
cf-ray: 80148eee4fb24485-SIN
expires: Mon, 04 Sep 2023 07:50:53 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com.sg/v1/ 3 B
366 B 20ms
6ms XHR
application/json 2404:6800:4003:c0f::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com.sg/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::8a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://gq.globo.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 5ms
5ms XHR
text/plain 2404:6800:4003:c03::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=296211627&t=pageview&_s=1&dl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&ul=en-us&de=UTF-8&dt=Especialista%20aponta%20brecha%20de%20seguran%C3%A7a%20em%20site%20de%20acompanhante%2C%20que%20nega%20vazamento%20de%20dados%20%7C%20Tecnologia%20%7C%20GQ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAQCACAEK~&jid=56145030&gjid=362606754&cid=1120136905.1693812950&tid=UA-21942769-1&_gid=416500413.1693812953&_slc=1&gtm=45He38u0n81WP5C9ZV&cd2=multi-content%20-%20materia&cd6=&cd7=&cd8=&cd9=&cd10=&cd11=&cd12=GQBS&cd13=&cd14=&cd15=&cd16=&cd17=&cd18=&cd19=desktop&cd20=25215520221173191163176&cd21=anonymous&cd22=%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&cd26=21&cd43=Ate%201%20mes&cd49=tecnologia&cd60=N%C3%A3o&cd5=1120136905.1693812950&z=262305793

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::8b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gq.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
344 B 36ms
21ms XHR
text/plain 2404:6800:4003:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-21942769-1&cid=1120136905.1693812950&jid=56145030&gjid=362606754&_gid=416500413.1693812953&_u=YCDAgEABAAQCAGAEK~&z=1181797025

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::9d , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 04 Sep 2023 07:35:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gq.globo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pxid Show response
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co/v2.0/ 46 B
383 B 328ms
309ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co/v2.0/pxid?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 1eb0c17ae4d8ff4f57688bf3250c57c6857252b4cf41a1dd0fa01c0597c43f45

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://gq.globo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
572 B 34ms
21ms XHR
application/json 103.43.90.179
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.179 , Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:53 GMT
an-x-request-uuid: 89938724-8a34-4e66-9e3c-1e6364f4c0b0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gq.globo.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 209.58.162.198; 209.58.162.198; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
BLOB 200
OK 46bb7919-5f04-4863-a088-9c026d1d7fbc
https://gq.globo.com/ 661 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://gq.globo.com/46bb7919-5f04-4863-a088-9c026d1d7fbc
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb9e476da853bda9fa998c8774214971e88fff36cb7b0ada6a8accbdd022b7e3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length: 677228
Content-Type

GET
BLOB 200
OK 9fcdab0b-3ffe-425e-a68d-b4d28a8543c0
https://gq.globo.com/ 661 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://gq.globo.com/9fcdab0b-3ffe-425e-a68d-b4d28a8543c0
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb9e476da853bda9fa998c8774214971e88fff36cb7b0ada6a8accbdd022b7e3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length: 677228
Content-Type

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 221 B
337 B 347ms
329ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: f2275b2e26fa84aa5b18508ae277e22dcb9e7ac2368409371587e1402fe63ae9

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://gq.globo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153

GET
H2 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame 66A8 26 KB
5 KB 31ms
27ms Stylesheet
text/css 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT7RJ0Y2KLJG&templateVariantId=OTVR67Y8KMQCH&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_9abf8fbe7848772ffad6-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT7RJ0Y2KLJG&templateVariantId=OTVR67Y8KMQCH&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_9abf8fbe7848772ffad6-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 2363
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 28 Aug 2023 01:56:56 GMT
wn: prod-dash-10-0-119-183
server: cloudflare
etag: W/"26850-1693187816000"
vary: accept-encoding
content-type: text/css
server-time: 0.001
cache-control: public, max-age=7200
cf-ray: 80148eef9f434021-SIN
expires: Mon, 04 Sep 2023 09:35:53 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 66A8 95 KB
30 KB 14ms
10ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1609747
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30323
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-7673"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhg71PeiL1IxqDoDRFvGfeiOWnoyggqJYEwGDqEBov7dWxz%2FTaXTJKYeBkode7QZ9Th5YDni7t%2FyWiJpd36R4Hu%2B4tLurEsOQu143J0Ue%2FHc07jS%2BLsJyBqVPNvD91GriGEltFKicyjrUlZUxCdFijY6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80148eef9be81910-SIN
expires: Sat, 24 Aug 2024 07:35:53 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 66A8 10 KB
4 KB 17ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1606490
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3550
last-modified: Thu, 22 Jun 2023 11:06:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1a-dde"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SanyP61PPzUk7Hp%2F5xRu2DnqmbrOOqMXwF4pOSiOm8cz7bfx8R3tqGHIQeLymo%2FhRoOoO6hrDjRCvCKF5sLr2vsauvqGqz4TZng3VP%2Fgh84moceDZRvwDZVsAMx5OHz1DXXoOh6RDKlOCRbjteRr5n3n"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80148eef9be91910-SIN
expires: Sat, 24 Aug 2024 07:35:53 GMT

GET
H2 200 angular.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 66A8 104 KB
35 KB 18ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1750462
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 34999
last-modified: Thu, 22 Jun 2023 10:45:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942631-88b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHjPbQMC8bacFexqJaJW0%2BOR5YUYDzcQekoxyi8QPuhuqq%2BrlqgGartRhdtZVTNYo%2BxAwyb7RGnGEK3T9Xws2zs8Jb18Eo2oW0TNMwJYtS1f7gvbfq4HM7zYIb33tbADDdRpfirmXikhqFXFReuz%2BVmX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80148eef9bea1910-SIN
expires: Sat, 24 Aug 2024 07:35:53 GMT

GET
H2 200 angular-animate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 66A8 11 KB
4 KB 23ms
19ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2206812
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3978
last-modified: Thu, 22 Jun 2023 10:45:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942631-f8a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sAFkoNQs2xQ5tipwcRdU9QEkbkz1VfdcLGLy%2BOTrHqTGBixXxSyawCw%2BsyZBL%2BSom73jtEQoF%2BcFq2aWVsgH1uNxEJ8yYwJZ2gx%2FC1Ow81crsv7Oc9q6S1VMnZFsO7mvMpi7oVwS5vp4Dx0O8xctb3NV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80148eef9beb1910-SIN
expires: Sat, 24 Aug 2024 07:35:53 GMT

GET
H2 200 angular-cookies.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 66A8 825 B
978 B 24ms
20ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7479259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 434
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-339"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYkXpfiCj%2F06T8mz6srrfk0LgVS9TTuaTETQfYvKmExchH3WIFQJ2Xacn8bKlfYAW3hBJcPZ7tpXJkt5KH1Pi9ZvrGUvQO4E5zetnNIYdE8uKlWhvrz3QVWLN74JYbAhXzmI5AJ9zEPX%2B7JlPhIU4vUZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80148eef9bec1910-SIN
expires: Sat, 24 Aug 2024 07:35:53 GMT

GET
H2 200 angular-sanitize.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 66A8 4 KB
2 KB 23ms
20ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7740516
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2171
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-11cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=almn5k%2BsaAe6r0mEgEX67ZuQQv6Av3%2FNS98ju8f4oSsg7gksxneap4fjVXCws4BjX8S%2Fhy0wAfbPQpdnBEYuSInAkXpOW6Luyv%2FcCWGBnS0fr64S6iC1OI9G0%2ByclfyVUTYwfFMDrPmpEEq5Ja1GvzKg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80148eef9bed1910-SIN
expires: Sat, 24 Aug 2024 07:35:53 GMT

GET
H2 200 tmhDynamicLocale.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 66A8 3 KB
1 KB 25ms
22ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4529337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 953
last-modified: Mon, 04 May 2020 16:04:43 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d1b-ad6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ut47sOVR5tzndledpT91NionTynbsjBoDZ8QAyVdHAkt%2BpjPNcjZWkfdqCfPwi925c%2BV4yBMfc5r9BJMUKx5nA0HFsHG9db8tz0Tlv%2BXqjaLA74BP%2FLQJ389DI%2BXkTLHvY%2Fqc%2B17HhVsRqZqhowvrp%2Fg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80148eef9bee1910-SIN
expires: Sat, 24 Aug 2024 07:35:53 GMT

GET
H2 200 angular-ui-utils.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 66A8 23 KB
8 KB 27ms
24ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 9540345
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7490
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-5b33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkUvH%2Bh3FFoD%2BOdvpeXGIkuqRKwb3nhtOfubKC4avCylae%2FsttWWnha1rOu5F5RymV6mOPPn7e2pH4GikQEMVES7YLDCvsBYDkHDeEYcWdN6OvdBtSil2oN0VHA4wKN9UKxDMxwyGwCkexxuj8TP5tzF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80148eef9bef1910-SIN
expires: Sat, 24 Aug 2024 07:35:53 GMT

GET
H2 200 angular-ui-ieshiv.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 66A8 2 KB
1 KB 24ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3141197
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 911
last-modified: Thu, 22 Jun 2023 10:45:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942630-38f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8NJSRe3zIMxQq5RAsy9nb%2BjEv%2F2VN7WpewU8Yc81ztQEpsQ5JK6SkL%2FxD0tZFpaTkmlnhZ%2BD5QUowkxyRVOyxzqTk269N1foqwqJ5Q33ohAzHX01mGd04m9SEDBqaH3nepDnfW7D15lk411O%2BVYheVI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80148eef9bf21910-SIN
expires: Sat, 24 Aug 2024 07:35:53 GMT

GET
H2 200 angular-ui-router.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 66A8 20 KB
7 KB 27ms
24ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 9539807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6934
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-4f8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMTZqOkd%2BNsPOFBgrjWCS2G8Tn3stqtiFg%2F4GuLZOVZH8iw0vSlXIW1xud%2Ba2VC24%2BQzkWS%2FWZFKgveC3b4xhsi0wKrNFgezwlZ3Tb%2FzR2IrD6zNT%2FWAa9RbpA8XV7DqHFMLQ9KNRPqgCi7S4dQpUCyN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80148eef9bf31910-SIN
expires: Sat, 24 Aug 2024 07:35:53 GMT

GET
H2 200 loadTranslationMap Show response
buy.tinypass.com/showtemplate/general/ Frame 66A8 33 KB
6 KB 282ms
279ms Script
application/javascript 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=VnaP3rYVKc&version=1568388702000&language=en_US

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f7b1b54c22724cc22a0a1770ea37a5bccb8564c2bfea871fbb6e726de85ddb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT7RJ0Y2KLJG&templateVariantId=OTVR67Y8KMQCH&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_9abf8fbe7848772ffad6-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: Mtfag0sl6ng
pragma
wn: prod-dash-10-0-95-91
server: cloudflare
vary: accept-encoding
content-type: application/javascript;charset=UTF-8
server-time: 0.001
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 80148eef9f4a4021-SIN
expires: Tue, 5 Sep 2023 03:35:53 EDT

GET
H2 200 platform-translation-map_en_US.js Show response
buy.tinypass.com/ng/common/i18n/ Frame 66A8 66 KB
12 KB 32ms
29ms Script
application/javascript 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=15.261.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bf3ec6451a3608f81a88558bccdcaaabf147ceea632f00d3943f1964e1e551d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT7RJ0Y2KLJG&templateVariantId=OTVR67Y8KMQCH&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_9abf8fbe7848772ffad6-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 2362
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Sep 2023 14:42:58 GMT
wn: prod-dash-10-0-87-33
server: cloudflare
etag: W/"67876-1693579378000"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
server-time: 0.000
cache-control: public, max-age=86400
cf-ray: 80148eef9f4b4021-SIN
expires: Tue, 05 Sep 2023 07:35:53 GMT

GET
H2 200 H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy.tinypass.com/_sam/ Frame 66A8 119 KB
37 KB 33ms
30ms Script
text/javascript 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=15.261.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6dc0f5dee2a67da2df69cadfd63e71250d0112515dc45213917f6ae66293b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT7RJ0Y2KLJG&templateVariantId=OTVR67Y8KMQCH&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_9abf8fbe7848772ffad6-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 2363
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Sep 2023 14:58:52 GMT
wn: prod-dash-10-0-131-145
server: cloudflare
optimized-by: _sam
vary: Accept-Encoding
content-type: text/javascript
server-time: 0.000
cache-control: public, max-age=602437
cf-ray: 80148eef9f4c4021-SIN
expires: Mon, 11 Sep 2023 06:56:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 66A8 3 KB
748 B 11ms
6ms Stylesheet
text/css 2404:6800:4003:c03::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather:wght@300&family=PT+Serif&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

216c8994eeb343b3588f234794df0cca8958d6c72b01b510b4156bc2d03a3840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 07:35:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Sep 2023 07:35:53 GMT

GET
H2 404 style.css
buy.tinypass.com/checkout/template/ Frame 66A8 0
0 266ms
264ms Stylesheet
text/html 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/style.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT7RJ0Y2KLJG&templateVariantId=OTVR67Y8KMQCH&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_9abf8fbe7848772ffad6-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
vary: accept-encoding
content-type: text/html
cache-control: public, max-age=1200
cf-ray: 80148eef9f494021-SIN
alt-svc: h3=":443"; ma=86400
expires: Mon, 04 Sep 2023 07:55:53 GMT

GET
H2 200 gq-footer-desk.gif
s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/mobiliario_revistas/00_atual/gq/gif/ Frame 66A8 32 KB
32 KB 365ms
365ms Image
image/gif 186.192.90.3
Globo Comunicacao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.glbimg.com/v1/AUTH_65d1930a0bda476ba8d3c25c5371ec3f/piano/mobiliario_revistas/00_atual/gq/gif/gq-footer-desk.gif
Requested by: Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT7RJ0Y2KLJG&templateVariantId=OTVR67Y8KMQCH&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_9abf8fbe7848772ffad6-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 186.192.90.3 Duque de Caxias, Brazil, ASN28604 (Globo Comunicacao e Participacoes SA, BR),
Reverse DNS: 186-192-90-3.prt.globo.com
Software: /
Resource Hash: f00a0f3b8814587f42cb27f519ab69658ca7b3d3b63ecf9f566c3c1efdd3994d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
x-openstack-request-id: tx8fb90054d83c4677a1a7e-0064f588d9
last-modified: Thu, 18 May 2023 18:07:12 GMT
x-thanos: 0A833014
etag: aef4bffbf932e4a802294d7022805599
vary: Accept-Encoding, Origin
content-type: image/gif
x-timestamp: 1684433231.36234
cache-control: public, max-age=180
accept-ranges: bytes
content-length: 32486
x-trans-id: tx8fb90054d83c4677a1a7e-0064f588d9
x-request-id: 89ce1550-a416-4a63-8578-3451b264a52b

GET
H2 200 template.bundle.1.0.css
buy.tinypass.com/widget/dist/template/css/ Frame D6C8 26 KB
5 KB 40ms
36ms Stylesheet
text/css 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT3B0FT6TYY6&templateVariantId=OTVMF8V02U8PS&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_91405f7498079174c486-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT3B0FT6TYY6&templateVariantId=OTVMF8V02U8PS&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_91405f7498079174c486-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 2363
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 28 Aug 2023 01:56:56 GMT
wn: prod-dash-10-0-119-183
server: cloudflare
etag: W/"26850-1693187816000"
vary: accept-encoding
content-type: text/css
server-time: 0.001
cache-control: public, max-age=7200
cf-ray: 80148eef9f534021-SIN
expires: Mon, 04 Sep 2023 09:35:53 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame D6C8 95 KB
30 KB 24ms
19ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1609747
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30323
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-7673"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5hgOdH9yMO4xWPBTbYujcNK5LPVOdklUPFYsVhRluSV7oISjb1n7d5fli3a7N1Y6cg8ig%2BrsErtnyScFvWr16uoI1rcbMpAh3nio6lORtj0ZouiUfHvcxLsYjR6qGc3EdHQUvkmcP15Ax%2Bi69z%2B6XQk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80148eef9bf41910-SIN
expires: Sat, 24 Aug 2024 07:35:53 GMT

GET
H2 200 jquery-migrate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame D6C8 10 KB
4 KB 25ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1606490
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3550
last-modified: Thu, 22 Jun 2023 11:06:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1a-dde"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taY%2B7y5so1QLQQuCEjXxlgIKI3Ypm9ffPf985X52OzXR5bTTGtDUtFa0P8NXnmxYLgLJyUYFM1NoNBUhpS2S3LFDbb7B6t%2FT4CpO9nyUK5j7R9kWTq4%2FTKq9Ed6vhUdU52f1v6FVJBcutvV51bIlLkIK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80148eef9bf51910-SIN
expires: Sat, 24 Aug 2024 07:35:53 GMT

GET
H2 200 angular.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame D6C8 104 KB
35 KB 23ms
19ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1750462
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 34999
last-modified: Thu, 22 Jun 2023 10:45:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942631-88b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzJCE7KjXY4g1Ql%2BRXVjdZ5nOxgexSdkr3ZH4g2id16ZZzaMQ7QUV346ahxu%2F4b73o88CCK1dS9gy1H2WxZbhu3SsDSp6RB22LTRlCQZ19nFbgj303VUGZM5mRfqQQcNk6WMeuUi6tRMrgwW2XBdXZwz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80148eef9bf61910-SIN
expires: Sat, 24 Aug 2024 07:35:53 GMT

GET
H2 200 angular-animate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame D6C8 11 KB
4 KB 24ms
20ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2206812
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3978
last-modified: Thu, 22 Jun 2023 10:45:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942631-f8a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNsTBIpGlMjYaNu7yEvfJC8ZHxaW29dOsy1bVotyiH5Ds0mmxuZSCWFXxVAnYzZR01Kt52JxPqXRVrOlNMIIHH98smqh9Z%2BmlF5%2BHcd6qhEL6SQ9w3nimmiDQuIVfCXWaYLXjak7f5r0btrC4SpTK6n2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80148eef9bf71910-SIN
expires: Sat, 24 Aug 2024 07:35:53 GMT

GET
H2 200 angular-cookies.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame D6C8 825 B
849 B 39ms
35ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7479259
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 434
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-339"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMyYfw3OuW5KNSYbE4RTBo1A4lm2rkbj6C1m%2B5XIscSNSGlxk95pLoUP%2BcDN18tRYGN3vRbDJDV8%2FhSBFW6EZIzTRPoCWKezX7tVX2yBhnv4cCrSM9e5PpMzuMLHiTUG44DlfRFIwM2I5ZWcIGgTKhd4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80148eef9bf81910-SIN
expires: Sat, 24 Aug 2024 07:35:53 GMT

GET
H2 200 angular-sanitize.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame D6C8 4 KB
2 KB 22ms
18ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7740516
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2171
last-modified: Mon, 04 May 2020 16:04:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d25-11cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olkvx9R020mWx%2BVEUkt9GR3fEa7RxXxflljjh3KtzxpB4sTUZxlfBBIWrj1M3GEccony01T%2B5noJGnNJn74mo2HLivirJaEBFc5WCFkCXX3cXyafr9VraiJH3sXMs%2FWNR4Q9kpayQCKwWvD2SYXKqSdI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80148eef9bf91910-SIN
expires: Sat, 24 Aug 2024 07:35:53 GMT

GET
H2 200 tmhDynamicLocale.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame D6C8 3 KB
1 KB 24ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4529337
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 953
last-modified: Mon, 04 May 2020 16:04:43 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d1b-ad6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjcAjTNPSRP1nTo%2BMFR31wz4ighb7SSkf5STvB9evMx0r6y5hwa8r4XLjElRkr7iNOdwzIKKyb5tLRWu4Hn1Cdo6v4Ma1Fo%2BoHm86A5iDlM9KIZnpBJVkXBCXehD%2Bl0YbwUtIIICmQJcj%2F4GVk4B%2FYQc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80148eef9bfa1910-SIN
expires: Sat, 24 Aug 2024 07:35:53 GMT

GET
H2 200 angular-ui-utils.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame D6C8 23 KB
8 KB 24ms
20ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 9540345
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7490
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-5b33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FXC8clQNjQ8TWnZGOx3b%2FARiSSVhuT3P7aY527HGG7XYfpMrfXLUhnDYxl6UFwdjpXybXzzT8P3dJPm8VPM5ZKulPkZTSDVAPONKjta5lyWizQsPLJbtSOWZ%2F941e%2F%2BnDUhaQ%2B4uTX%2FmXNwR8jhzZoj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80148eef9bfc1910-SIN
expires: Sat, 24 Aug 2024 07:35:53 GMT

GET
H2 200 angular-ui-ieshiv.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame D6C8 2 KB
1 KB 25ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3141197
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 911
last-modified: Thu, 22 Jun 2023 10:45:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942630-38f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TBvVU1Z%2BXEhvtjJ01MbW60VnSL4YktCwIVU%2B8P8aIj1q%2Bq834xWny8O7csrJNXGpiKQtX4cdQLzfXVL32XCDE%2BO%2F6UU5lvi5jMn4IUvUYvQNn74owH2FFDmv%2FQMmxjg7Yl4mViVset6EmjYQV24COMR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80148eef9bfe1910-SIN
expires: Sat, 24 Aug 2024 07:35:53 GMT

GET
H2 200 angular-ui-router.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame D6C8 20 KB
7 KB 23ms
20ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 9539807
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6934
last-modified: Mon, 04 May 2020 16:04:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d24-4f8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMHeCTwfZogTihSPtfoyndAa2HK%2BJ6HjkPogLYRTAk0T2QCxrAQ%2FlmToIDSq18NFj7VGLMyfqsqoNAfKog7bSoU%2FWHkKEkhEmi86vtmsGSSaQbP8wlEO3CoraPadVVTiCx6wJzCIcfvFHE0Eq3fz9lAS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80148eef9bff1910-SIN
expires: Sat, 24 Aug 2024 07:35:53 GMT

GET
H2 200 loadTranslationMap Show response
buy.tinypass.com/showtemplate/general/ Frame D6C8 33 KB
6 KB 267ms
264ms Script
application/javascript 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/showtemplate/general/loadTranslationMap?aid=VnaP3rYVKc&version=1568388702000&language=en_US

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f7b1b54c22724cc22a0a1770ea37a5bccb8564c2bfea871fbb6e726de85ddb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT3B0FT6TYY6&templateVariantId=OTVMF8V02U8PS&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_91405f7498079174c486-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: Mtfag0sMl4q
pragma
wn: prod-dash-10-0-128-157
server: cloudflare
vary: accept-encoding
content-type: application/javascript;charset=UTF-8
server-time: 0.001
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 80148eef9f574021-SIN
expires: Tue, 5 Sep 2023 03:35:53 EDT

GET
H2 200 platform-translation-map_en_US.js Show response
buy.tinypass.com/ng/common/i18n/ Frame D6C8 66 KB
12 KB 28ms
25ms Script
application/javascript 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=15.261.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bf3ec6451a3608f81a88558bccdcaaabf147ceea632f00d3943f1964e1e551d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT3B0FT6TYY6&templateVariantId=OTVMF8V02U8PS&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_91405f7498079174c486-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 2362
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Sep 2023 14:42:58 GMT
wn: prod-dash-10-0-87-33
server: cloudflare
etag: W/"67876-1693579378000"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
server-time: 0.000
cache-control: public, max-age=86400
cf-ray: 80148eef9f584021-SIN
expires: Tue, 05 Sep 2023 07:35:53 GMT

GET
H2 200 H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA Show response
buy.tinypass.com/_sam/ Frame D6C8 119 KB
37 KB 39ms
36ms Script
text/javascript 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=15.261.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6dc0f5dee2a67da2df69cadfd63e71250d0112515dc45213917f6ae66293b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT3B0FT6TYY6&templateVariantId=OTVMF8V02U8PS&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_91405f7498079174c486-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 2363
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Sep 2023 14:58:52 GMT
wn: prod-dash-10-0-131-145
server: cloudflare
optimized-by: _sam
vary: Accept-Encoding
content-type: text/javascript
server-time: 0.000
cache-control: public, max-age=602437
cf-ray: 80148eef9f5a4021-SIN
expires: Mon, 11 Sep 2023 06:56:30 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame D6C8 3 KB
702 B 16ms
13ms Stylesheet
text/css 2404:6800:4003:c03::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather:wght@300&family=PT+Serif&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c03::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

216c8994eeb343b3588f234794df0cca8958d6c72b01b510b4156bc2d03a3840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 07:35:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Sep 2023 07:35:53 GMT

GET
H2 404 style.css
buy.tinypass.com/checkout/template/ Frame D6C8 0
0 268ms
265ms Stylesheet
text/html 2606:4700::6812:b07e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/template/style.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/checkout/template/cacheableShow?aid=VnaP3rYVKc&templateId=OT3B0FT6TYY6&templateVariantId=OTVMF8V02U8PS&offerId=fakeOfferId&experienceId=EXXHDLE7CS79&iframeId=offer_91405f7498079174c486-0&displayMode=inline&widget=template&url=https%3A%2F%2Fgq.globo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
vary: accept-encoding
content-type: text/html
cache-control: public, max-age=1200
cf-ray: 80148eef9f554021-SIN
alt-svc: h3=":443"; ma=86400
expires: Mon, 04 Sep 2023 07:55:53 GMT

GET
H2 200 d39f98ec-9259-4f8b-896d-7ab58be1f900-models.bin Show response
cdn.permutive.com/models/v2/ 122 KB
86 KB 379ms
350ms XHR
application/x-binary 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/models/v2/d39f98ec-9259-4f8b-896d-7ab58be1f900-models.bin
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60935316e139d9604c7afdf3dc68f6159b6d97a12798a5bf309ebe4173c0a626

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-goog-meta-oid: d39f98ec-9259-4f8b-896d-7ab58be1f900
age: 0
x-guploader-uploadid: ADPycduqRpdw1p2soE4hpvkdmqUAnrkPOQOQutbAb5TwqG8tCAE53y1HeergPEOJgSLNaePhXaw_t6Id-CuArT1W90LXCg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 87303
last-modified: Sun, 03 Sep 2023 17:07:51 GMT
server: cloudflare
etag: "a4f870767811737789eeaf11ca280256"
vary: Accept-Encoding
x-goog-generation: 1693601753474666
content-type: application/x-binary
access-control-allow-origin: *
x-goog-hash: crc32c=RafFNA==, md5=pPhwdngRc3eJ7q8RyigCVg==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=900, no-transform
x-goog-stored-content-length: 87303
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 80148eefda354661-SIN
expires: Mon, 04 Sep 2023 07:35:53 GMT

POST
H2 200 identify Show response
api.permutive.com/v2.0/ 50 B
253 B 340ms
331ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 4378556aebb978453bc3e1fad54835a5b4721bed1c30af45ec936fc402befb08

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://gq.globo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 4ms
4ms Image
image/gif 2404:6800:4003:c03::8b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=296211627&t=event&ni=1&_s=2&dl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&ul=en-us&de=UTF-8&dt=Especialista%20aponta%20brecha%20de%20seguran%C3%A7a%20em%20site%20de%20acompanhante%2C%20que%20nega%20vazamento%20de%20dados%20%7C%20Tecnologia%20%7C%20GQ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Mobiliario%20Botao&el=eg_gq_botao_topo_titas&_u=aCDAgEABAAQCAGAEK~&jid=&gjid=&cid=1120136905.1693812950&tid=UA-21942769-1&_gid=416500413.1693812953&gtm=45He38u0n81WP5C9ZV&cd2=multi-content%20-%20materia&cd6=&cd7=&cd8=&cd9=&cd10=&cd11=&cd12=GQBS&cd13=&cd14=&cd15=&cd16=&cd17=&cd18=&cd19=desktop&cd20=25215520221173191163176&cd21=anonymous&cd22=%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&cd26=21&cd43=Ate%201%20mes&cd49=tecnologia&cd60=N%C3%A3o&cd5=1120136905.1693812950&z=1245537365

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::8b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Sep 2023 08:36:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82761
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ Frame D6C8 32 KB
32 KB 6ms
5ms Font
font/woff2 2404:6800:4003:c1c::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@300&family=PT+Serif&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1c::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buy.tinypass.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 09:44:55 GMT
x-content-type-options: nosniff
age: 424258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33116
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:52:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Aug 2024 09:44:55 GMT

GET
H3 200 fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame D6C8 2 KB
2 KB 33ms
32ms Image
image/png 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: HIT
age: 2371
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
content-length: 2177
last-modified: Fri, 01 Sep 2023 14:58:52 GMT
wn: prod-dash-10-0-119-183
server: cloudflare
etag: W/"2177-1693580332000"
vary: Accept-Encoding
content-type: image/png
server-time: 0.000
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 80148ef18a4b6bb2-SIN
expires: Mon, 04 Sep 2023 09:35:53 GMT

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame 0219 43 B
468 B 529ms
178ms Image
image/gif 147.75.95.77
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.30&typ=pgv&rnd=lm4khyz3wc3m7o3g&sid=4756157261768221469&loc=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&new=1&arf=0&ltm=1693812953023&ref=&tzo=-480&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=lm4khz84wp98v41w&ckp=lm4khyz3vqssgkdu&glb=&cp_userState=anon&cst=19eeihezrc61915cvevnq9rhwr
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 147.75.95.77 Tokyo, Japan, ASN54825 (PACKET, US),
Reverse DNS
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Mon, 04 Sep 2023 07:35:54 GMT
server: Jetty(9.4.28.v20200408)
content-length: 43
content-type: image/gif

POST
H2 200 segment Show response
api.permutive.com/adv/v2/ 14 B
69 B 341ms
340ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/adv/v2/segment?new-session=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 07:35:54 GMT
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14
content-type: application/json

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 4ms
3ms Image
image/gif 2404:6800:4003:c03::8b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=296211627&t=event&ni=1&_s=3&dl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&ul=en-us&de=UTF-8&dt=Especialista%20aponta%20brecha%20de%20seguran%C3%A7a%20em%20site%20de%20acompanhante%2C%20que%20nega%20vazamento%20de%20dados%20%7C%20Tecnologia%20%7C%20GQ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Piano&ea=Mobiliario%20Footer&el=eg_gq_footer_titas&_u=aCDAgEABAAQCAGAEK~&jid=&gjid=&cid=1120136905.1693812950&tid=UA-21942769-1&_gid=416500413.1693812953&gtm=45He38u0n81WP5C9ZV&cd2=multi-content%20-%20materia&cd6=&cd7=&cd8=&cd9=&cd10=&cd11=&cd12=GQBS&cd13=&cd14=&cd15=&cd16=&cd17=&cd18=&cd19=desktop&cd20=25215520221173191163176&cd21=anonymous&cd22=%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&cd26=21&cd43=Ate%201%20mes&cd49=tecnologia&cd60=N%C3%A3o&cd5=1120136905.1693812950&z=516050447

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::8b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Sep 2023 08:36:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82761
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ Frame 66A8 32 KB
32 KB 5ms
5ms Font
font/woff2 2404:6800:4003:c1c::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@300&family=PT+Serif&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1c::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://buy.tinypass.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 09:44:55 GMT
x-content-type-options: nosniff
age: 424258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33116
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:52:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Aug 2024 09:44:55 GMT

GET
H3 200 fail-icon.png
buy.tinypass.com/widget/dist/template/css/img/ Frame 66A8 2 KB
2 KB 19ms
19ms Image
image/png 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy.tinypass.com/widget/dist/template/css/img/fail-icon.png

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://buy.tinypass.com/widget/dist/template/css/template.bundle.1.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:53 GMT
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: HIT
age: 2371
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
content-length: 2177
last-modified: Fri, 01 Sep 2023 14:58:52 GMT
wn: prod-dash-10-0-119-183
server: cloudflare
etag: W/"2177-1693580332000"
vary: Accept-Encoding
content-type: image/png
server-time: 0.000
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 80148ef1eac56bb2-SIN
expires: Mon, 04 Sep 2023 09:35:53 GMT

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 103 B
675 B 535ms
182ms Script
text/javascript 147.75.95.77
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lm4khyz3vqssgkdu%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%2219eeihezrc61915cvevnq9rhwr%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%2219eeihezrc61915cvevnq9rhwr%22%7D%5D%2C%22siteId%22%3A%224756157261768221469%22%2C%22location%22%3A%22https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml%22%7D&callback=cXJsonpCB1

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

147.75.95.77 Tokyo, Japan, ASN54825 (PACKET, US),

Reverse DNS

Software

Jetty(9.4.28.v20200408) /

Resource Hash

bcad25958833892d087f72b8d597508f4105d683ebc64756115450ee84585abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:54 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
content-type: text/javascript;charset=utf-8
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-length: 103
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 200 audiences Show response
api.permutive.com/audience-matching/v1/id/2112858a-ddd4-4263-8de5-74b0cfa84727/ 12 B
25 B 399ms
398ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/audience-matching/v1/id/2112858a-ddd4-4263-8de5-74b0cfa84727/audiences?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 07:35:54 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12
content-type: application/json

GET
H/1.1 204
No Content rtb Show response
a.vidoomy.com/api/rtbserver/ 0
362 B 175ms
175ms XHR
text/plain 212.36.83.246
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=513601&w=400&h=225&skip=1&req_type=1&ip=209.58.162.198&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.140%20Safari%2F537.36&l=en-US&dt=2&c=SG&pid=21915&sid=21485&sname=gq.globo.com_21485&d=globo.com&sp=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&coppa=&gdpr=0&gdprcs=&vpaid=1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.246 Terrassa, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb2.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 07:35:54 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://gq.globo.com
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 av Show response
vidoomy-d.openx.net/v/1.0/ 48 B
313 B 20ms
16ms XHR
text/xml 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?auid=559614560&url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&cb=682430&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C&gdpr=0&gdpr_consent=
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:54 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept-Encoding
content-type: text/xml
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://gq.globo.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 0
396 B 549ms
49ms XHR
application/xml 42.99.140.208
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=33730156&_fw_us_privacy=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.208 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-208.pacnet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
x-sticky-debug: Request blocked, limitation reached
Date: Mon, 04 Sep 2023 07:35:54 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://gq.globo.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Mon, 04 Sep 2023 07:35:54 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
650 B 960ms
202ms XHR
text/xml 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Requested by

Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/xml
access-control-allow-origin: https://gq.globo.com
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2

200

tag Show response
4cywq-eqnre.ads.tremorhub.com/ad/
Redirect Chain

https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-vgm1t&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes...
https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-vgm1t&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes...

119 B
518 B

462ms
462ms

XHR
text/xml

2406:da18:9ea:6f16:8c2c:996a:e419:ba1e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-vgm1t&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&gdpr=0&gdpr_consent=&cb=90906&schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C&_tur=T
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Server: 2406:da18:9ea:6f16:8c2c:996a:e419:ba1e , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:54 GMT
content-encoding: gzip
server: nginx
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://gq.globo.com
content-type: text/xml;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD

Redirect headers

location: https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-vgm1t&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&gdpr=0&gdpr_consent=&cb=90906&schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C&_tur=T
access-control-allow-origin: https://gq.globo.com
date: Mon, 04 Sep 2023 07:35:54 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ 28 B
307 B 764ms
55ms XHR
application/xml 18.138.108.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473012&zone_id=2804598&size_id=275&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=250&p_aso.video.mimes=video/3gpp,video/mp4,video/webm,video/x-flv&p_aso.video.playbackmethod=2&rp_schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C&gdpr=0&gdpr_consent=
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.138.108.233 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-138-108-233.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.21.4 /
Resource Hash: 460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Wed, 17 Sep 1975 21:32:10 GMT
pragma: no-cache
date: Mon, 04 Sep 2023 07:35:55 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://gq.globo.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 28
x-http2-stream-id: 517397

GET
H2 200 av Show response
vidoomy-d.openx.net/v/1.0/ 48 B
248 B 20ms
17ms XHR
text/xml 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&cb=754288&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C&gdpr=0&gdpr_consent=
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:54 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept-Encoding
content-type: text/xml
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://gq.globo.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 1 KB
875 B 151ms
47ms XHR
application/xml 23.200.148.244
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&cb=971155
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.148.244 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-148-244.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 60726c256b18851be3a284f3796687d43bc5e9062ba17a41da5da322267c89a2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:54 GMT
content-encoding: gzip
server: Apache
etag: "23da-5e7fbf52c16e8-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://gq.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 641
expires: Mon, 04 Sep 2023 07:35:54 GMT

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ 28 B
306 B 787ms
79ms XHR
application/xml 18.138.108.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=416676&zone_id=2350390&size_id=201&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=30&p_aso.video.playbackmethod=2&p_aso.video.api=2&gdpr=&gdpr_consent=&rp_schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C&tg_c.language=es&width=400&height=225
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.138.108.233 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-138-108-233.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.21.4 /
Resource Hash: 460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Wed, 17 Sep 1975 21:32:10 GMT
pragma: no-cache
date: Mon, 04 Sep 2023 07:35:55 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://gq.globo.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 28
x-http2-stream-id: 1041961

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 67 B
604 B 643ms
146ms XHR
application/xml 42.99.140.208
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.208 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-208.pacnet.net
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 07:35:54 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://gq.globo.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1693812954847069-82
Expires: Mon, 04 Sep 2023 07:35:54 GMT

GET
H/1.1 204
No Content swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 0
396 B 536ms
38ms XHR
application/xml 42.99.140.208
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=33730156&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=&playerSize=400x225&loc=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.208 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-208.pacnet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
x-sticky-debug: Request blocked, limitation reached
Date: Mon, 04 Sep 2023 07:35:54 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://gq.globo.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Mon, 04 Sep 2023 07:35:54 GMT

GET
H/1.1 200
OK 33730154 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 709 B
1 KB 553ms
48ms XHR
application/xml 42.99.140.208
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/33730154?supportsJavascript=true&supportsFlash=true
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.208 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-208.pacnet.net
Software: nginx /
Resource Hash: 9d3de624985e9ecec23ccb312f760351cebeca23bee5682b4b506c02427178fe

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 07:35:54 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://gq.globo.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 709
x-sticky-vk: 1693812954852067-57
Expires: Mon, 04 Sep 2023 07:35:54 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 800 B
1 KB 559ms
47ms XHR
application/xml 42.99.140.208
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.208 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-208.pacnet.net
Software: nginx /
Resource Hash: 1b2a737d4607b99a0b4cf13c7758aa11fdfc80b4e86b79b7b6a66ab692ca478e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 07:35:54 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://gq.globo.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 800
x-sticky-vk: 1693812954873014-42
Expires: Mon, 04 Sep 2023 07:35:54 GMT

GET
H2

200

tag Show response
4cywq-eqnre.ads.tremorhub.com/ad/
Redirect Chain

https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes...
https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes...

119 B
518 B

364ms
363ms

XHR
text/xml

2406:da18:9ea:6f16:8c2c:996a:e419:ba1e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&gdpr=0&gdpr_consent=&cb=778868&schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C&_tur=T
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Server: 2406:da18:9ea:6f16:8c2c:996a:e419:ba1e , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:54 GMT
content-encoding: gzip
server: nginx
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://gq.globo.com
content-type: text/xml;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD

Redirect headers

location: https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&gdpr=0&gdpr_consent=&cb=778868&schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C&_tur=T
access-control-allow-origin: https://gq.globo.com
date: Mon, 04 Sep 2023 07:35:54 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ 28 B
305 B 806ms
99ms XHR
application/xml 18.138.108.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473012&zone_id=2804598&size_id=203&p_aso.video.protocols=2,5,3,6,7,8,11,12&p_aso.video.maxduration=250&p_aso.video.mimes=application/javascript,video/3gpp,video/mp4,video/webm,video/x-flv&p_aso.video.playbackmethod=2&p_aso.video.api=2,7,8,9&rp_schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C&gdpr=0&gdpr_consent=
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.138.108.233 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-138-108-233.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.21.4 /
Resource Hash: d06c733ba42b81cd66c7fcaabc75b51c59292cdbccdcfb6a88bf2b57d262047b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Wed, 17 Sep 1975 21:32:10 GMT
pragma: no-cache
date: Mon, 04 Sep 2023 07:35:55 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://gq.globo.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 28
x-http2-stream-id: 50445

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ 28 B
306 B 796ms
90ms XHR
application/xml 18.138.108.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=416676&zone_id=2350390&size_id=201&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=30&p_aso.video.playbackmethod=2&p_aso.video.api=2&gdpr=0&gdpr_consent=&rp_schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C&tg_c.language=en-US&width=400&height=225
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.138.108.233 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-138-108-233.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.21.4 /
Resource Hash: 460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Wed, 17 Sep 1975 21:32:10 GMT
pragma: no-cache
date: Mon, 04 Sep 2023 07:35:55 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://gq.globo.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 28
x-http2-stream-id: 568763

GET
H2 200 715072 Show response
vid.springserve.com/vast/ 2 KB
1 KB 25ms
6ms XHR
application/xml 13.250.188.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/715072?w=400&h=225&cb=584660&url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.250.188.75 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-188-75.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 10c0057cc47dd75aad5f076c542c1ff1958be361e16f6b33fda2b98cd36a054e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: https://gq.globo.com
date: Mon, 04 Sep 2023 07:35:54 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/xml

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
128 B 326ms
326ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 5389235844652c26c9b47aaa1279803970c136f636055048e0044b8dcb48efe9

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 04 Sep 2023 07:35:54 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://gq.globo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
33 B 484ms
483ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 07:35:55 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 201 usage Show response
api.permutive.com/v2.0/tpd/ 0
36 B 309ms
309ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/tpd/usage?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 04 Sep 2023 07:35:55 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
access-control-allow-origin: https://gq.globo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20

GET
H/1.1 204
No Content rtb Show response
a.vidoomy.com/api/rtbserver/ 0
362 B 684ms
177ms Fetch
text/plain 212.36.83.246
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=513601&w=400&h=225&skip=1&req_type=1&ip=209.58.162.198&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.140%20Safari%2F537.36&l=en-US&dt=2&c=SG&pid=21915&sid=21485&sname=gq.globo.com_21485&d=globo.com&sp=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&coppa=&gdpr=0&gdprcs=&vpaid=1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.246 Terrassa, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb2.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 07:35:55 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://gq.globo.com
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

POST
H2 200 gaAccount Show response
buy.tinypass.com/api/v3/anon/assets/ 52 B
200 B 261ms
260ms XHR
application/json 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=VnaP3rYVKc

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed35a0a7b8306363784ea4f49b7146c7528dc082dc9571b4223544edf7dbbe27

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 04 Sep 2023 07:35:56 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
wn: prod-dash-10-0-138-158
server: cloudflare
p3p: CP="NON DSP COR OUR IND"
access-control-allow-origin: *
server-time: 0.002
content-type: application/json
cache-control: public, max-age=86400, s-maxage=86400
x-forwarded-https: on
cf-ray: 80148f007f773ddc-SIN
alt-svc: h3=":443"; ma=86400
x-request-id: Mwfag0sK3NO

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame 6A59 159 KB
38 KB 41ms
40ms Script
application/javascript 23.200.148.244
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&cb=971155
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.148.244 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-148-244.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:56 GMT
content-encoding: gzip
last-modified: Tue, 21 Mar 2023 05:15:25 GMT
server: Apache
etag: "27bcd-5f762218e8e3a-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 38303

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame DB40 39 KB
15 KB 67ms
48ms Document
text/html 23.200.148.244
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&cb=971155
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.148.244 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-148-244.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f50947985c34238f2ffc1dd18026d8f434e7a63e8eb3f75822778218c940ac0c

Request headers

Referer: https://gq.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=172481
content-encoding: gzip
content-length: 14534
content-type: text/html
date: Mon, 04 Sep 2023 07:35:56 GMT
expires: Wed, 06 Sep 2023 07:30:37 GMT
last-modified: Fri, 01 Sep 2023 11:42:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 6A59 39 KB
15 KB 61ms
41ms Script
text/html 23.200.148.244
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&cb=971155
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.148.244 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-148-244.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f50947985c34238f2ffc1dd18026d8f434e7a63e8eb3f75822778218c940ac0c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:56 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 11:42:44 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=172481
accept-ranges: bytes
content-length: 14534
expires: Wed, 06 Sep 2023 07:30:37 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame DB40 2 KB
3 KB 24ms
4ms Script
text/html 67.199.150.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=43977999&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.81 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 8240ed3dcaf1c1611795f87d16760e0b4b31dee02f7d20532b833fe18c4409c7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 04 Sep 2023 07:35:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 1735
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZusSrmjnEKx9u0SrMudZqzS6Qqp9603_ZO5IVSLT

42 B
571 B

26ms
7ms

Document
image/gif

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZusSrmjnEKx9u0SrMudZqzS6Qqp9603_ZO5IVSLT
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 04 Sep 2023 07:35:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Mon, 04 Sep 2023 07:35:56 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ZusSrmjnEKx9u0SrMudZqzS6Qqp9603_ZO5IVSLT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C684
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7147641075961760124&gdpr=0&gdpr_consent=

42 B
447 B

17ms
4ms

Document
image/gif

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7147641075961760124&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 04 Sep 2023 04:48:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: c0c3de60-4d72-425c-8990-f7240167d261
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 04 Sep 2023 07:35:56 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7147641075961760124&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 209.58.162.198; 209.58.162.198; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4B3C
Redirect Chain

https://cm.ambientdsp.com/cm/send?vc=pmj
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=11gap694bzwu

1 B
247 B

11ms
5ms

Document
text/html

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=11gap694bzwu
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Mon, 04 Sep 2023 07:35:56 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-store
content-length: 0
date: Mon, 04 Sep 2023 07:35:56 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=11gap694bzwu
lws: 127.0.0.1
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DB40
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FdNkfb85TBe6akUtJwAXjQ%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

40ms
40ms

Image
text/html

23.200.148.244
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 23.200.148.244 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-148-244.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:56 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 11:21:55 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=172720
accept-ranges: bytes
content-length: 5636
expires: Wed, 06 Sep 2023 07:34:36 GMT

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame DB40
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=15D3647D-BF39-4C17-BA6A-452D2700178D
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=15D3647D-BF39-4C17-BA6A-452D2700178D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=856cd62a-cc5e-4c78-bb91-4f8524c0cd57%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=63abc881-6622-4257-b82d-9cf12807b118&ttd_puid=856cd62a-cc5e-4c78-bb91-4f8524c0cd57%2C%2C

95 B
124 B

52ms
51ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=63abc881-6622-4257-b82d-9cf12807b118&ttd_puid=856cd62a-cc5e-4c78-bb91-4f8524c0cd57%2C%2C

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:56 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:56 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=63abc881-6622-4257-b82d-9cf12807b118&ttd_puid=856cd62a-cc5e-4c78-bb91-4f8524c0cd57%2C%2C
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 359

GET
H2 200 qmap
sync.crwdcntrl.net/ Frame DB40 49 B
265 B 59ms
36ms Image
image/gif 18.138.97.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=15D3647D-BF39-4C17-BA6A-452D2700178D&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.138.97.44 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-138-97-44.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:56 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.9.162
content-length: 49
expires: 0

GET info
uipglob.semasio.net/pubmatic/1/ Frame DB40 0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame DB40
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTVEMzY0N0QtQkYzOS00QzE3LUJBNkEtNDUyRDI3MDAxNzhE&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

4ms
4ms

Image
image/gif

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 04 Sep 2023 04:48:05 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame DB40
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEK_qGisUA51NlyRqaYtX8XU&google_cver=1

42 B
267 B

5ms
4ms

Image
image/gif

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEK_qGisUA51NlyRqaYtX8XU&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 04 Sep 2023 07:35:56 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEK_qGisUA51NlyRqaYtX8XU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame DB40
Redirect Chain

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:31EF1852B459412FA28E95F3DF011E40

42 B
362 B

4ms
4ms

Image
image/gif

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:31EF1852B459412FA28E95F3DF011E40
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 04 Sep 2023 07:35:55 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date: Mon, 04 Sep 2023 07:35:57 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:31EF1852B459412FA28E95F3DF011E40
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 03 Sep 2023 07:35:57 GMT

GET
H2 200 15D3647D-BF39-4C17-BA6A-452D2700178D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame DB40 43 B
602 B 30ms
9ms Image
image/gif 2406:da18:929:5a00:deb2:8da2:9e0e:3934
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/15D3647D-BF39-4C17-BA6A-452D2700178D?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2406:da18:929:5a00:deb2:8da2:9e0e:3934 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DB40
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=63abc881-6622-4257-b82d-9cf12807b118&gdpr=0&gdpr_consent=

42 B
279 B

23ms
6ms

Image
image/gif

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=63abc881-6622-4257-b82d-9cf12807b118&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 04 Sep 2023 07:35:56 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:56 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=63abc881-6622-4257-b82d-9cf12807b118&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 355

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame DB40
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=15D3647D-BF39-4C17-BA6A-452D2700178D&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=15D3647D-BF39-4C17-BA6A-452D2700178D&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_2bBALBE2uUEG4yxIRNSBm4ttpvM4hM-~A&gdpr=0

0
260 B

25ms
4ms

Image
text/plain

67.199.150.85
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_2bBALBE2uUEG4yxIRNSBm4ttpvM4hM-~A&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 67.199.150.85 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:56 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_2bBALBE2uUEG4yxIRNSBm4ttpvM4hM-~A&gdpr=0
date: Mon, 04 Sep 2023 07:35:56 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DB40
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://sync.aralego.com/bsw_sync?ucf_nid=par-E2B44D84BBBDED8A0B297323E4B4A68&dsp_id=445&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=528fc541-7a21-468e-865f-9e23c888f546&gdpr=0&gdpr_consent=&gdp...
https://x.bidswitch.net/sync?dsp_id=445&user_id=dc7c5309-b517-3cb7-a9d6-60853798150e&ssp=pubmatic&bsw_param=528fc541-7a21-468e-865f-9e23c888f546
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=528fc541-7a21-468e-865f-9e23c888f546&gdpr=&gdpr_consent=&gdpr_pd=

1 B
166 B

5ms
4ms

Image
text/html

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=528fc541-7a21-468e-865f-9e23c888f546&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 04 Sep 2023 07:35:56 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=528fc541-7a21-468e-865f-9e23c888f546&gdpr=&gdpr_consent=&gdpr_pd=
Date: Mon, 04 Sep 2023 07:35:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame 6A59 27 B
549 B 94ms
63ms XHR
application/xml 67.199.150.94
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&cb=1693812956586&us_privacy=&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fgq.globo.com%252Ftecnologia%252Fnoticia%252F2023%252F08%252Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fgq.globo.com%252Ftecnologia%252Fnoticia%252F2023%252F08%252Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&vwndref=&vc=2&js=1&sec=1&kltstamp=2023-9-4%2015:35:57&ranreq=0.3304127645738717&timezone=8&sua_br=[]&sua_mob=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&cb=971155
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.94 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:57 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://gq.globo.com
content-type: application/xml; charset=utf-8
x-vdbg: 1:0/165:-1
access-control-allow-credentials: true
cache-control: no-store, no-cache, private

GET
H2 200 track
st.pubmatic.com/ Frame 6A59 0
91 B 31ms
4ms Image
text/plain 207.65.33.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1693812957&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.33.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Sep 2023 07:35:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 track
st.pubmatic.com/ 0
49 B 4ms
4ms Image
text/plain 207.65.33.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1693812954&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.33.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Sep 2023 07:35:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

POST
H2 200 e Show response
aws.vidoomy.com/api/adserver/tracking/ 20 B
264 B 161ms
161ms XHR
application/json 54.93.143.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aws.vidoomy.com/api/adserver/tracking/e?event=AdError&format=1&id=70&domain=globo.com&u=396421bb-e8c3-445c-8f9a-7e9a25886d15&zoneId=21485&execution=&duration=&requestStatus=success-with-credentials&requestSize=1033&cStringStatus=not-found&viewabilityMethod=INTERSECTIONOBSERVER&r=&loop=0&pversion=1.3.1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.143.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-143-127.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:57 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type: application/json
access-control-allow-origin: https://gq.globo.com
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 20

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 4BE9 446 KB
113 KB 826ms
73ms Script
application/x-javascript 2600:1417:3f::1732:e8ce
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1417:3f::1732:e8ce , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 07:35:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Jul 2023 01:58:31 GMT
ETag: "64a61fc7-6f992"
X-Cache-Status: MISS
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=23042, 7200
Access-Control-Allow-Credentials: true
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Expires: Mon, 04 Sep 2023 14:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/editoraglobo-gq/trc/3/ 58 KB
18 KB 929ms
926ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/editoraglobo-gq/trc/3/json?tim=15%3A35%3A58.383&lti=deflated&data=%7B%22id%22%3A303%2C%22ii%22%3A%22%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1693741313731%2C%22vi%22%3A1693812958380%2C%22cv%22%3A%2220230903-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A1%2C%22ga%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml%22%2C%22vpi%22%3A%22%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A4000%2C%22dh%22%3A6865%2C%22nsid%22%3A%22editoraglobonetwork%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A3416.390625%2C%22mw%22%3A648%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Apub%3Deditoraglobonetwork%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230903-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 49ae4221940b79ee7bdd9e66294ab086070b15e1fdf913b9379693776ef52ba2

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 589
date: Mon, 04 Sep 2023 07:35:59 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 158569
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220044-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1693812958.468025,VS0,VE589
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://gq.globo.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 4BE9 25 KB
25 KB 25ms
9ms XHR
application/octet-stream 2600:1417:3f::1732:e8ce
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1693812958598
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1417:3f::1732:e8ce , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 07:35:58 GMT
Last-Modified: Thu, 06 Jul 2023 01:58:31 GMT
ETag: "64a61fc7-6400"
X-Cache-Status: MISS
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://gq.globo.com
Cache-Control: max-age=34611, 7200
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25600
Expires: Mon, 04 Sep 2023 17:12:49 GMT

GET

user-registering
ads.stickyadstv.com/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=e7159bf5a3f58b18bdd5ac4325c9c151&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=wa72a_7274871273036226328&gdpr=0&gdpr_consent=null
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZTcxNTliZjVhM2Y1OGIxOGJkZDVhYzQzMjVjOWMxNTE=&gdpr=0&gdpr_consent=null
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEPMT-4TspV0UCLo6zQJ-9PA&google_cver=1&gdpr=0&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=e7159bf5a3f58b18bdd5ac4325c9c151&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=wb502_7274871273036299696&gdpr=0&gdpr_consent=null
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=63abc881-6622-4257-b82d-9cf12807b118&gdpr=0&gdpr_consent=
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=e7159bf5a3f58b18bdd5ac4325c9c151&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=wb502_7274871273036299696&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZTcxNTliZjVhM2Y1OGIxOGJkZDVhYzQzMjVjOWMxNTE=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEPMT-4TspV0UCLo6zQJ-9PA&google_cver=1&gdpr=0&gdpr_consent=
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=e7159bf5a3f58b18bdd5ac4325c9c151&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=wb502_7274871273036299696&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZTcxNTliZjVhM2Y1OGIxOGJkZDVhYzQzMjVjOWMxNTE=&gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEPMT-4TspV0UCLo6zQJ-9PA&google_cver=1&gdpr=0&gdpr_consent=
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=e7159bf5a3f58b18bdd5ac4325c9c151&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=wb502_7274871273036299696&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
https://ads.stickyadstv.com/user-registering?userId=AAH-xE7J6xIAACZMnHlPOA&dataProviderId=817&gdpr=0

0
0

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 4BE9 301 B
794 B 56ms
56ms XHR
text/xml 42.99.140.208
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=33730154&loc=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.208 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-208.pacnet.net
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 07:35:58 GMT
Server: nginx
Access-Control-Allow-Origin: https://gq.globo.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1693812958661082-42
Expires: Mon, 04 Sep 2023 07:35:58 GMT

GET
H/1.1 204
No Content swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 4BE9 0
396 B 48ms
47ms XHR
application/xml 42.99.140.208
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=33730154&vav=7554cde22f1f137fd8b6ed502469e7a5&vaviv=63728c824bae4833c92f7061784b4006&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.8.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.208 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-208.pacnet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/xml, text/xml
Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
x-sticky-debug: Request blocked, limitation reached
Date: Mon, 04 Sep 2023 07:35:58 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://gq.globo.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Mon, 04 Sep 2023 07:35:58 GMT

POST
H2 200 e Show response
aws.vidoomy.com/api/adserver/tracking/ 20 B
264 B 162ms
162ms XHR
application/json 54.93.143.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aws.vidoomy.com/api/adserver/tracking/e?event=AdError&format=1&id=5&domain=globo.com&u=396421bb-e8c3-445c-8f9a-7e9a25886d15&zoneId=21485&execution=&duration=&requestStatus=success-with-credentials&requestSize=709&cStringStatus=not-found&viewabilityMethod=INTERSECTIONOBSERVER&r=&loop=0&pversion=1.3.1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.143.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-143-127.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:58 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type: application/json
access-control-allow-origin: https://gq.globo.com
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 20

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZTcxNTliZjVhM2Y1OGIxOGJkZDVhYzQzMjVjOWMxNTE=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

170 B
188 B

58ms
58ms

Image
image/png

64.233.170.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZTcxNTliZjVhM2Y1OGIxOGJkZDVhYzQzMjVjOWMxNTE=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Server

64.233.170.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 07:35:58 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZTcxNTliZjVhM2Y1OGIxOGJkZDVhYzQzMjVjOWMxNTE=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1693812958726064-69
Expires: Mon, 04 Sep 2023 07:35:58 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=e7159bf5a3f58b18bdd5ac4325c9c151&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

43 B
479 B

1132ms
247ms

Image
image/gif

52.46.128.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=e7159bf5a3f58b18bdd5ac4325c9c151&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

HTTP/1.1

Server

52.46.128.147 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 07:35:59 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: GB5WN50M16KDE9HFC5DA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 07:35:58 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=e7159bf5a3f58b18bdd5ac4325c9c151&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1693812958726064-42
Expires: Mon, 04 Sep 2023 07:35:58 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame DB40 0
260 B 24ms
5ms Script
text/plain 207.65.33.76
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156498&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.33.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:58 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H3 200 metrics Show response
api.permutive.com/v2.0/internal/ 2 B
37 B 404ms
404ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/internal/metrics?k=cccecec5-8228-435e-81d1-33c4eccc78e6
Requested by: Host: d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
URL: https://d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app/d39f98ec-9259-4f8b-896d-7ab58be1f900-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 04 Sep 2023 07:35:59 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 703B 446 KB
113 KB 66ms
65ms Script
application/x-javascript 2600:1417:3f::1732:e8ce
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1417:3f::1732:e8ce , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 07:35:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Jul 2023 01:58:31 GMT
ETag: "64a61fc7-6f992"
X-Cache-Status: MISS
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=23041, 7200
Access-Control-Allow-Credentials: true
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Expires: Mon, 04 Sep 2023 14:00:00 GMT

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.2.8/ 127 KB
36 KB 659ms
327ms Script
application/javascript 151.101.193.44

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.2.8/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230903-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3aae61f075cc64d2d2a1918694af9db5df06c7a638c6162f5840c5618f59bd03

Request headers

Referer: https://gq.globo.com/
Origin: https://gq.globo.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:59 GMT
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 167380
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 36490
x-served-by: cache-fra-eddf8230064-FRA
last-modified: Sat, 02 Sep 2023 09:06:04 GMT
server: AmazonS3
x-timer: S1693812960.779107,VS0,VE0
etag: "fd7ae01836d3569c79370b947186fc34"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: Mt6J1F-CGshnZjpFsfpaaJmwIate2Cx6kS3ud1pcGUxGOwxqpjbetQ==
x-cache-hits: 12866

GET
H2 200 feed-card-placeholder.20230903-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 1121ms
1121ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230903-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56a6716bb64bde5c15bdac3991adb587a4234cad6312d35a7fa39ac52a8de7a3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: Ap84S_hCvA72zdUDf9cNfLvcfcbcov0Q
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 07:35:59 GMT
x-amz-request-id: TTMCG7BGBTW6M9AR
age: 68958
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: AEFL2/sOBob8Kjk1jo7lAxPnxHnqKY++oEoBVufis8tsFacQIdduuKaVNX4YpeZCgfLgRga2lbw=
x-served-by: cache-fra-etou8220044-FRA
last-modified: Sun, 03 Sep 2023 12:26:42 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693812960.523936,VS0,VE0
etag: "847de7c338e5a23faf7d522e4013c99d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 33
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 120588

GET
H2 200 distance-from-article.20230903-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 1115ms
1115ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230903-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7306593c4758a9cf5682ca5e78c6a9d87e299f2a817e5284fb210432c8b95659

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: jDGHHKYYdyP_456uMJXKZbLYS0qd4Z91
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 07:35:59 GMT
x-amz-request-id: Y51BM81Q60RD37T6
age: 68975
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1132
x-amz-id-2: Dq1JmuJX+YWxvIgcioS5g5VNzha1YjDwi4ihNFfFu+9V/dUYwMpAqZTeUdz+PNQpHDQNzzGGScQ=
x-served-by: cache-fra-etou8220044-FRA
last-modified: Sun, 03 Sep 2023 12:26:25 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693812960.523449,VS0,VE0
etag: "bfd82560a91c854e27ec86e0771d84fc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 96
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 130181

GET
H2 200 article-detection.20230903-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 1118ms
1117ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230903-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c33e4bdc3308820980d94536d79f4101b9b1783bd7968c314b4239164fd024f9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: n96KW8sdrianWNRRovEbp1ITTfXF9us9
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 07:35:59 GMT
x-amz-request-id: BGMFAHMF5GC4GHFP
age: 68996
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1291
x-amz-id-2: pDLjPX9ttjM4fipE1wF17MjpznALp98cJXBbdw8icAlmMC0n/jGPxir1DQIG6ec3j/EY55mtX1Q=
x-served-by: cache-fra-etou8220044-FRA
last-modified: Sun, 03 Sep 2023 12:26:04 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693812960.527004,VS0,VE0
etag: "9060b2072f239e7b7af5c9cb48935d04"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 1
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 130172

GET
H2 200 8314438e-1240-4037-ade5-bfeaed299a90.css
cdn.taboola.com/static/83/ 451 B
559 B 1113ms
1113ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/static/83/8314438e-1240-4037-ade5-bfeaed299a90.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: CkT0watBV7AEsiEughRkYLexggZw11Ym
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 07:35:59 GMT
x-amz-request-id: D1HEB8A7NSP9KT4M
age: 3033
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 222
x-amz-id-2: 1nLUv5rES4EtfobnguMsZmuFFaHSioQ40hK3tbWIu2ba+0WGyHDmYhJ8cwBg0huEjTBBdfz9g/Q=
x-served-by: cache-fra-etou8220044-FRA
last-modified: Tue, 07 Jul 2020 17:40:49 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693812960.526649,VS0,VE0
etag: "1802e318f880ad7e5c7030e9da649cf6"
vary: Accept-Encoding
content-type: text/css
abp: 5
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 5

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 1099ms
1099ms Image
image/svg+xml 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 07:35:59 GMT
x-amz-request-id: CCG7A4WVWN5WJAVZ
age: 100
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: TBmCggLO8/GElgFPb5rvRR7gHff4xRNz3fdHVeMViDUfwUB4CbODSlFFpnwJ77ZBlNCMfCXQR04=
x-served-by: cache-fra-etou8220044-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693812960.526299,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 32
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 163

GET
H2 200 userx.20230903-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 1095ms
1095ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230903-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b7c29abdfb5a7ab3c95922a9be76c1d6e276d13c0d24d06731b6d4908f0fdad

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: sDsJeiYFLpXCrZyvLp0sUCDtTs3HHC4K
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 07:35:59 GMT
x-amz-request-id: QVA8TNE1HXZHCND8
age: 68910
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5397
x-amz-id-2: Gfx9McaLyQp7McgVOlxyeti+67mWA10L/R6TrOMEhFgqtW75ZwZgQXmMqJVbsWyYfUze93TsKMk=
x-served-by: cache-fra-etou8220044-FRA
last-modified: Sun, 03 Sep 2023 12:27:30 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693812960.525076,VS0,VE0
etag: "38fff9c527380be4515b408d659361fa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 52
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 74967

GET
H2 200 explore-more.20230903-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 30 KB
9 KB 1089ms
1089ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230903-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99e55638caa101f99a3bc20334cc9f3a2c122c93c87929857f883df2451edd2b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: hPGDAYmQOLSTzYhx.zxf2mTCIvVKvq4F
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 07:35:59 GMT
x-amz-request-id: J9X8ND02WZAFV0TS
age: 68963
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8803
x-amz-id-2: qRdluUd+eAtLebY5pWRld6czwAEBEtirHxCpBhfIHUTVWs1o1k3+I8a4qeA5el0lKi4IstrXCmo=
x-served-by: cache-fra-etou8220044-FRA
last-modified: Sun, 03 Sep 2023 12:26:36 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693812960.500267,VS0,VE0
etag: "1678c7a2b5486ea355721b5fcd32dd6a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 78
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 61266

GET
H2 200 feed-view.20230903-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 23 KB
7 KB 1090ms
1090ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-view.20230903-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3bef95cee00ad81036f449f425e56247e368fb1c6c2c72848ca2d1eda2172ca5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: 7mt.9XU3PFf5n6njVKK7pBkKCgCUjEWs
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 07:35:59 GMT
x-amz-request-id: T135F6NK4FCTJ06B
age: 68948
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 6562
x-amz-id-2: RdepTCqcfka0bfo+egYT7jrrqpk3RgeqH+q8RkKK6i9zdXP4mBS6zkePJAeMfbA/pA3SCIDqDJ0=
x-served-by: cache-fra-etou8220044-FRA
last-modified: Sun, 03 Sep 2023 12:26:51 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693812960.524610,VS0,VE0
etag: "78cc1edfa7bc7c0d2a4a77f73da9a313"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 9
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 60317

GET
H2 204 pubs-generic
trc.taboola.com/editoraglobo-gq/log/3/ 0
454 B 1057ms
1056ms Image
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/editoraglobo-gq/log/3/pubs-generic?route=HK:SG:V&tvi2=4948&tvi50=10385&lti=deflated&ri=73ebd2634e2c64cd9c2c26ad88c57d62&sd=v2_90fd4f1fde34d30344019eb12a698658_53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e_1693812958_1693812958_CNawjgYQm_9JGKzJ-vilMSABKAEwwAE4t4gNQOKaEEjXiNcDUP___________wFYAGAAaO2P0J2V_dKnwAFwAQ&ui=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e&pi=/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&wi=-5221464268608348035&pt=text&vi=1693812958380&d=%7B%22data%22%3A%22%5C%22true%5C%22%22%2C%22type%22%3A%22DEDUP_DEBUG%22%2C%22eventTime%22%3A1693812959367%7D&tim=15%3A35%3A59.368&id=1606&llvl=2&cv=20230903-6-RELEASE&
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 163
date: Mon, 04 Sep 2023 07:35:59 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 165979
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220044-FRA
pragma: no-cache
server: nginx
x-timer: S1693812960.516906,VS0,VE163
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 debug
sg-trc-events.taboola.com/editoraglobo-gq/log/2/ 0
89 B 19ms
3ms Image
text/plain 141.226.229.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/editoraglobo-gq/log/2/debug?tim=15%3A35%3A59.368&type=warn&msg=Duplicated%20items%20monitoring%20enabled&llvl=2&id=8695&cv=20230903-6-RELEASE&lt=deflated&pcs=%5Bdata-feed-main-container-id%3D%22taboola-below-article-thumbnails%22%5D&vi=1693812958380
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:59 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 2537

GET
H2 204 abtests
sg-trc-events.taboola.com/editoraglobo-gq/log/3/ 0
506 B 20ms
4ms Image
text/plain 141.226.229.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/editoraglobo-gq/log/3/abtests?route=HK:SG:V&tvi2=4948&tvi50=10385&lti=deflated&ri=73ebd2634e2c64cd9c2c26ad88c57d62&sd=v2_90fd4f1fde34d30344019eb12a698658_53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e_1693812958_1693812958_CNawjgYQm_9JGKzJ-vilMSABKAEwwAE4t4gNQOKaEEjXiNcDUP___________wFYAGAAaO2P0J2V_dKnwAFwAQ&ui=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e&pi=/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&wi=-5221464268608348035&pt=text&vi=1693812958380&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1693812959379%7D&tim=15%3A35%3A59.379&id=3030&llvl=2&cv=20230903-6-RELEASE&
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Sep 2023 07:35:59 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
sg-trc-events.taboola.com/editoraglobo-gq/log/3/ 0
506 B 20ms
5ms Image
text/plain 141.226.229.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/editoraglobo-gq/log/3/supply-feature?route=HK:SG:V&tvi2=4948&tvi50=10385&lti=deflated&ri=73ebd2634e2c64cd9c2c26ad88c57d62&sd=v2_90fd4f1fde34d30344019eb12a698658_53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e_1693812958_1693812958_CNawjgYQm_9JGKzJ-vilMSABKAEwwAE4t4gNQOKaEEjXiNcDUP___________wFYAGAAaO2P0J2V_dKnwAFwAQ&ui=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e&pi=/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&wi=-5221464268608348035&pt=text&vi=1693812958380&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=15%3A35%3A59.397&id=4772&llvl=2&cv=20230903-6-RELEASE&
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Sep 2023 07:35:59 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 social
sg-trc-events.taboola.com/editoraglobo-gq/log/3/ 0
362 B 14ms
4ms Image
text/plain 141.226.229.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/editoraglobo-gq/log/3/social?route=HK:SG:V&tvi2=4948&tvi50=10385&lti=deflated&ri=73ebd2634e2c64cd9c2c26ad88c57d62&sd=v2_90fd4f1fde34d30344019eb12a698658_53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e_1693812958_1693812958_CNawjgYQm_9JGKzJ-vilMSABKAEwwAE4t4gNQOKaEEjXiNcDUP___________wFYAGAAaO2P0J2V_dKnwAFwAQ&ui=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e&pi=/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&wi=-5221464268608348035&pt=text&vi=1693812958380&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Especialista%20aponta%20brecha%20de%20seguran%C3%A7a%20em%20site%20de%20acompanhante%2C%20que%20nega%20vazamento%20de%20dados%22%2C%22sec%22%3A%22undefined%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fs2-gq.glbimg.com%2FCleXfHP8j7ndrbEOOzGWmV13_IU%3D%2F1200x%2Fsmart%2Ffilters%3Acover()%3Astrip_icc()%2Fi.s3.glbimg.com%2Fv1%2FAUTH_71a8fe14ac6d40bd993eb59f7203fe6f%2Finternal_photos%2Fbs%2F2023%2FN%2Fu%2FkvAUjKQfCeGHg7BuVILg%2F2022-02-15-gettyimages-521761442.jpeg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=15%3A35%3A59.440&id=4712&llvl=2&cv=20230903-6-RELEASE&
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Sep 2023 07:35:59 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 703B 25 KB
25 KB 19ms
19ms XHR
application/octet-stream 2600:1417:3f::1732:e8ce
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1693812959466
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1417:3f::1732:e8ce , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 07:35:59 GMT
Last-Modified: Thu, 06 Jul 2023 01:58:31 GMT
ETag: "64a61fc7-6400"
X-Cache-Status: MISS
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://gq.globo.com
Cache-Control: max-age=34610, 7200
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25600
Expires: Mon, 04 Sep 2023 17:12:49 GMT

GET auto-user-sync
ads.stickyadstv.com/ Frame 703B 0
0

GET
H/1.1

400
Bad Request

stv
match.prod.bidr.io/cookie-sync/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=e7159bf5a3f58b18bdd5ac4325c9c151&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7b...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=wb502_7274871273036299696&gdpr=0&gdpr_consent=null
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null&_bee_ppp=1

23 B
23 B

96ms
95ms

Image
text/plain

54.248.182.252

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null&_bee_ppp=1

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

HTTP/1.1

Server

54.248.182.252 -, , ASN (),

Reverse DNS

Software

gunicorn /

Resource Hash

b74e7c9dbf57703b7b6bde0f9ef962837d00c74dfd9c5560e88ba61ea47a456b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 07:36:01 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 23
content-type: text/plain

Redirect headers

location: https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null&_bee_ppp=1
Date: Mon, 04 Sep 2023 07:36:01 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 703B 301 B
794 B 44ms
44ms XHR
text/xml 42.99.140.208
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7585793&loc=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.208 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-208.pacnet.net
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 07:35:59 GMT
Server: nginx
Access-Control-Allow-Origin: https://gq.globo.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1693812959514098-12
Expires: Mon, 04 Sep 2023 07:35:59 GMT

GET
H/1.1 204
No Content swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 703B 0
396 B 41ms
41ms XHR
application/xml 42.99.140.208
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7585793&_fw_us_privacy=&_fw_gdpr=0&schain=1.0%2C1!vidoomy.com%2C21915%2C1%2C%2C&_fw_gdpr_consent=&vav=e4fd596f44e15aac2ac50c3e2beba0a6&vaviv=f9596b41b0b985c3f8b90c71f09db8fc&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.8.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.208 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-208.pacnet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/xml, text/xml
Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
x-sticky-debug: Request blocked, limitation reached
Date: Mon, 04 Sep 2023 07:35:59 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://gq.globo.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Mon, 04 Sep 2023 07:35:59 GMT

POST
H2 200 e Show response
aws.vidoomy.com/api/adserver/tracking/ 20 B
264 B 161ms
161ms XHR
application/json 54.93.143.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aws.vidoomy.com/api/adserver/tracking/e?event=AdError&format=1&id=21&domain=globo.com&u=396421bb-e8c3-445c-8f9a-7e9a25886d15&zoneId=21485&execution=&duration=&requestStatus=success-with-credentials&requestSize=800&cStringStatus=not-found&viewabilityMethod=INTERSECTIONOBSERVER&r=&loop=0&pversion=1.3.1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.143.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-143-127.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:35:59 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type: application/json
access-control-allow-origin: https://gq.globo.com
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 20

GET user-matching
ads.stickyadstv.com/ Frame 703B 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZTcxNTliZjVhM2Y1OGIxOGJkZDVhYzQzMjVjOWMxNTE=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

170 B
188 B

59ms
58ms

Image
image/png

64.233.170.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZTcxNTliZjVhM2Y1OGIxOGJkZDVhYzQzMjVjOWMxNTE=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Server

64.233.170.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:35:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 07:35:59 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZTcxNTliZjVhM2Y1OGIxOGJkZDVhYzQzMjVjOWMxNTE=&gdpr=0&gdpr_consent=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1693812959578008-46
Expires: Mon, 04 Sep 2023 07:35:59 GMT

GET user-matching
ads.stickyadstv.com/ Frame 703B 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=e7159bf5a3f58b18bdd5ac4325c9c151&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

43 B
479 B

535ms
250ms

Image
image/gif

52.46.128.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=e7159bf5a3f58b18bdd5ac4325c9c151&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

HTTP/1.1

Server

52.46.128.147 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 07:35:59 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XFF9EEGV9BGTC2BSCTX0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 07:35:59 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=e7159bf5a3f58b18bdd5ac4325c9c151&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1693812959569041-10
Expires: Mon, 04 Sep 2023 07:35:59 GMT

GET
H2 200 vpaid_3bc8d9fc.js Show response
vpaid.springserve.com/production/ Frame 1E24 521 KB
92 KB 452ms
157ms Script
application/javascript 2600:9000:23d0:f400:15:6f6c:b180:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_3bc8d9fc.js
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23d0:f400:15:6f6c:b180:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fcc64316c5f3a1f5a4adb8183f9bdb4cf1c1e95713781e63c9ae243877f62128

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 13:29:14 GMT
content-encoding: br
via: 1.1 3b4be9f7cd333273a9f136c30c72d1f8.cloudfront.net (CloudFront)
last-modified: Tue, 06 Jun 2023 22:03:46 GMT
server: AmazonS3
x-amz-cf-pop: MRS52-P3
age: 2233804
x-amz-server-side-encryption: AES256
etag: W/"a29292a78266a1cc6eb74cbf0c848fb0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2678400
x-amz-cf-id: dsppLxBm67OB_8OFGLJWP0URUXx3TbjK2NWktpSOn7d8dcaVJ5YMgQ==

OPTIONS
H2 200 e
aws.vidoomy.com/api/adserver/tracking/ Frame 0
0 656ms
656ms Preflight 54.93.143.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aws.vidoomy.com/api/adserver/tracking/e?event=AdTagRequest&format=1&id=&domain=globo.com&u=396421bb-e8c3-445c-8f9a-7e9a25886d15&zoneId=21485&execution=&duration=&requestStatus=&requestSize=&cStringStatus=not-found&viewabilityMethod=INTERSECTIONOBSERVER&r=&loop=0&pversion=1.3.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.143.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-143-127.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://gq.globo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
access-control-allow-origin: https://gq.globo.com
access-control-expose-headers: X-VD-C
content-length: 0
date: Mon, 04 Sep 2023 07:36:00 GMT

POST
H2 200 e Show response
aws.vidoomy.com/api/adserver/tracking/ 20 B
264 B 171ms
170ms XHR
application/json 54.93.143.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aws.vidoomy.com/api/adserver/tracking/e?event=AdTagRequest&format=1&id=&domain=globo.com&u=396421bb-e8c3-445c-8f9a-7e9a25886d15&zoneId=21485&execution=&duration=&requestStatus=&requestSize=&cStringStatus=not-found&viewabilityMethod=INTERSECTIONOBSERVER&r=&loop=0&pversion=1.3.1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.143.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-143-127.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 04 Sep 2023 07:36:01 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type: application/json
access-control-allow-origin: https://gq.globo.com
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 20

POST
H2 204 bulk Show response
trc.taboola.com/editoraglobo-gq/log/3/ 0
470 B 361ms
360ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/editoraglobo-gq/log/3/bulk?tvi2=4948&tvi50=10385&route=HK%3ASG%3AV&lti=deflated&bulkSize=8
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230903-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 196
date: Mon, 04 Sep 2023 07:36:00 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 157672
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220044-FRA
pragma: no-cache
server: nginx
x-timer: S1693812961.529487,VS0,VE196
content-type: image/gif
access-control-allow-origin: https://gq.globo.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 st Show response
imprsgmp.taboola.com/ Frame AB61 528 B
382 B 656ms
655ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8-vcCLAa4P3ppaxIWrRFwf_TS1iQsWisAAABgYID-AEnMJi7LarJxK2w231q0WY3WCpfJt9ZMFsbBYrLYTEwWIyCJ2cRlWU02boXN5luLNqvRWuEy-daaycI4WEwWm4nJYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG8Ch6XT4XPd6neOuM_stfrvG7_aLXh673-z3OR1-ud_09DgdfslgstkLhnuJ5eUxOtyap-nlVnj8bsPDbnTYTS_PW-YwPcxutd_kMruVdpvf8nZ4_C7PW_DyfP4Op-euM5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAJhDwjztPofhb3n5AwAAAAAIAAAAABIABbynJQA-zqJO_P_________HGKDPvJHx____f4OhB8CDD4AHIQAAAA9DkpEFWiv00aGIFKAUYQQAAAAgWkfU-MgknaBiUeX__7_fCsAVAIAAxS-PUsMsuoMSb2EAAAAKxizQw-L3mx12jd_tMv__________Zv7P_KP5OXWlSCP0jGqv5hcQAGDNLyAAABt1AwDwJgBO0AmA1VGI3XA22E0Gs-XsAAAAANz5____1wOSg5nJNHPMTC7PaOQZbEajwWK5sjgmC9tyOFsNt8fQ0H_oQ5b7qU-IsMx-30FBOT09ZpdBVHS9LXaH0-w5iA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7MxCL2QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKY2kxMpsVythbZHJa1aDlyrhWukW2tmDmWM9PGNFl5RmvR62O6uGyGlWvlRYIBeHuRPC3SiW6zspgss81oZdnYRhuTc2PZWGYLk3G4ce1GtslELNGcLNKJ7LJvDmYm08wxM7k8o5FnsBmNBovlyuKYLGzL4Ww13Lc2E5NpsZytRTaHZS1ajpxrhWtkWytmjuXMtDFNVp7RWvT6mC4um2HlWvkbs-VmuJgsV8N9Y7bcDBeT5Wq479AZvqvP2Wj7m1Mel3ply55mN6dB4TJYvN-DRRqddnZGn8twsajGpp1jYhX6_X6_3-_3-_1-78Zs8BgMhp8yKEwps37JS_c9aLwHoyKWCC7SicrkNP0tD5_Zb_G7dY6LWKI0XaQTvejlsfvNfp_T4Zf7TU-P0-GXDCabvWC4l1heHqPDrXmaXm6Fx-82POxGh9308rxlDtPD7Fb7TS6zW2m3-S1vh8fv8rwFL8_n73B67jqj6W22iCWC00U6Eb2Mp4v6jxxksJyrhnPFbDJXLIerBAAAAAAAAABgCSaZbgIAAADgZDC71XK3WqcDGayGg9lquQAk_jZ1AYMAAAAAAADsuk0MTTekAesr1thjD2Vymv6Wh8_st_jdOseVAUi4iTLb7DOCWKvVsgYAACCADQAAIICbbrwJwGLi_v___8cBAAAEkEMPAACAfh8QVcyRK4VeOL-CGGyGq_0DUCHWarW63Vir1QpIIJPJZAL_____AQ!&cmcv=&pix=undefined&cb=1693812960493&uv=3329&tms=1693812960493&abt=mxrdvp_vB!mxrdvp_vB!nonrv_vA!t45!testmsn_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=16be252c-aff7-4354-aed7-32a801213bdb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 78c32e785fc603b0fd073b767f87e410f3db2e4afcd814455eb08ab44e6b4a98

Request headers

Referer: https://gq.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Mon, 04 Sep 2023 07:36:00 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-etou8220044-FRA
x-timer: S1693812961.691271,VS0,VE160

GET
H2 200 sync Show response
sg-match.taboola.com/ Frame 7BD2 404 B
498 B 11ms
5ms Document
text/html 141.226.229.48

General

Check archive.org

Show headers Download Go to

Full URL: https://sg-match.taboola.com/sync?dast=V8-vcCLAa4P3ppaxIWrRFwf_TS1iQsWisAAABgYID-AEnMJi7LarJxK2w231q0WY3WCpfJt9ZMFsbBYrLYTEwWIyCJ2cRlWU02boXN5luLNqvRWuEy-daaycI4WEwWm4nJYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG8Ch6XT4XPd6neOuM_stfrvG7_aLXh673-z3OR1-ud_09DgdfslgstkLhnuJ5eUxOtyap-nlVnj8bsPDbnTYTS_PW-YwPcxutd_kMruVdpvf8nZ4_C7PW_DyfP4Op-euM5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAJhDwjztPofhb3n5AwAAAAAIAAAAABIABbynJQA-zqJO_P_________HGKDPvJHx____f4OhB8CDD4AHIQAAAA9DkpEFWiv00aGIFKAUYQQAAAAgWkfU-MgknaBiUeX__7_fCsAVAIAAxS-PUsMsuoMSb2EAAAAKxizQw-L3mx12jd_tMv__________Zv7P_KP5OXWlSCP0jGqv5hcQAGDNLyAAABt1AwDwJgBO0AmA1VGI3XA22E0Gs-XsAAAAANz5____1wOSg5nJNHPMTC7PaOQZbEajwWK5sjgmC9tyOFsNt8fQ0H_oQ5b7qU-IsMx-30FBOT09ZpdBVHS9LXaH0-w5iA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7MxCL2QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKY2kxMpsVythbZHJa1aDlyrhWukW2tmDmWM9PGNFl5RmvR62O6uGyGlWvlRYIBeHuRPC3SiW6zspgss81oZdnYRhuTc2PZWGYLk3G4ce1GtslELNGcLNKJ7LJvDmYm08wxM7k8o5FnsBmNBovlyuKYLGzL4Ww13Lc2E5NpsZytRTaHZS1ajpxrhWtkWytmjuXMtDFNVp7RWvT6mC4um2HlWvkbs-VmuJgsV8N9Y7bcDBeT5Wq479AZvqvP2Wj7m1Mel3ply55mN6dB4TJYvN-DRRqddnZGn8twsajGpp1jYhX6_X6_3-_3-_1-78Zs8BgMhp8yKEwps37JS_c9aLwHoyKWCC7SicrkNP0tD5_Zb_G7dY6LWKI0XaQTvejlsfvNfp_T4Zf7TU-P0-GXDCabvWC4l1heHqPDrXmaXm6Fx-82POxGh9308rxlDtPD7Fb7TS6zW2m3-S1vh8fv8rwFL8_n73B67jqj6W22iCWC00U6Eb2Mp4v6jxxksJyrhnPFbDJXLIerBAAAAAAAAABgCSaZbgIAAADgZDC71XK3WqcDGayGg9lquQAk_jZ1AYMAAAAAAADsuk0MTTekAesr1thjD2Vymv6Wh8_st_jdOseVAUi4iTLb7DOCWKvVsgYAACCADQAAIICbbrwJwGLi_v___8cBAAAEkEMPAACAfh8QVcyRK4VeOL-CGGyGq_0DUCHWarW63Vir1QpIIJPJZAL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 58400f286cb32926e3f78f1fb863b4cee960ee6d2e17bbfa1d91ae6e7d1a9c18

Request headers

Referer: https://gq.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Mon, 04 Sep 2023 07:36:00 GMT
machineid: 3301
server: nginx

GET
H2 200 st
sg-vid-events.taboola.com/ 0
43 B 9ms
4ms Image
text/plain 141.226.229.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8-vcCLAa4P3ppaxIWrRFwf_TS1iQsWisAAABgYID-AEnMJi7LarJxK2w231q0WY3WCpfJt9ZMFsbBYrLYTEwWIyCJ2cRlWU02boXN5luLNqvRWuEy-daaycI4WEwWm4nJYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG8Ch6XT4XPd6neOuM_stfrvG7_aLXh673-z3OR1-ud_09DgdfslgstkLhnuJ5eUxOtyap-nlVnj8bsPDbnTYTS_PW-YwPcxutd_kMruVdpvf8nZ4_C7PW_DyfP4Op-euM5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAJhDwjztPofhb3n5AwAAAAAIAAAAABIABbynJQA-zqJO_P_________HGKDPvJHx____f4OhB8CDD4AHIQAAAA9DkpEFWiv00aGIFKAUYQQAAAAgWkfU-MgknaBiUeX__7_fCsAVAIAAxS-PUsMsuoMSb2EAAAAKxizQw-L3mx12jd_tMv__________Zv7P_KP5OXWlSCP0jGqv5hcQAGDNLyAAABt1AwDwJgBO0AmA1VGI3XA22E0Gs-XsAAAAANz5____1wOSg5nJNHPMTC7PaOQZbEajwWK5sjgmC9tyOFsNt8fQ0H_oQ5b7qU-IsMx-30FBOT09ZpdBVHS9LXaH0-w5iA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7MxCL2QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKY2kxMpsVythbZHJa1aDlyrhWukW2tmDmWM9PGNFl5RmvR62O6uGyGlWvlRYIBeHuRPC3SiW6zspgss81oZdnYRhuTc2PZWGYLk3G4ce1GtslELNGcLNKJ7LJvDmYm08wxM7k8o5FnsBmNBovlyuKYLGzL4Ww13Lc2E5NpsZytRTaHZS1ajpxrhWtkWytmjuXMtDFNVp7RWvT6mC4um2HlWvkbs-VmuJgsV8N9Y7bcDBeT5Wq479AZvqvP2Wj7m1Mel3ply55mN6dB4TJYvN-DRRqddnZGn8twsajGpp1jYhX6_X6_3-_3-_1-78Zs8BgMhp8yKEwps37JS_c9aLwHoyKWCC7SicrkNP0tD5_Zb_G7dY6LWKI0XaQTvejlsfvNfp_T4Zf7TU-P0-GXDCabvWC4l1heHqPDrXmaXm6Fx-82POxGh9308rxlDtPD7Fb7TS6zW2m3-S1vh8fv8rwFL8_n73B67jqj6W22iCWC00U6Eb2Mp4v6jxxksJyrhnPFbDJXLIerBAAAAAAAAABgCSaZbgIAAADgZDC71XK3WqcDGayGg9lquQAk_jZ1AYMAAAAAAADsuk0MTTekAesr1thjD2Vymv6Wh8_st_jdOseVAUi4iTLb7DOCWKvVsgYAACCADQAAIICbbrwJwGLi_v___8cBAAAEkEMPAACAfh8QVcyRK4VeOL-CGGyGq_0DUCHWarW63Vir1QpIIJPJZAL_____AQ!&cmcv=&pix=31589837&cb=1693812960493&uv=3329&tms=1693812960493&abt=mxrdvp_vB!mxrdvp_vB!nonrv_vA!t45!testmsn_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1693812945210.7!ts:1693812960493&mntl=1
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:36:00 GMT
content-length: 0
server: nginx

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 7BD2
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=63abc881-6622-4257-b82d-9cf12807b118

0
206 B

587ms
587ms

Image
text/plain

151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=63abc881-6622-4257-b82d-9cf12807b118
Requested by: Host: sg-match.taboola.com
URL: https://sg-match.taboola.com/sync?dast=V8-vcCLAa4P3ppaxIWrRFwf_TS1iQsWisAAABgYID-AEnMJi7LarJxK2w231q0WY3WCpfJt9ZMFsbBYrLYTEwWIyCJ2cRlWU02boXN5luLNqvRWuEy-daaycI4WEwWm4nJYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG8Ch6XT4XPd6neOuM_stfrvG7_aLXh673-z3OR1-ud_09DgdfslgstkLhnuJ5eUxOtyap-nlVnj8bsPDbnTYTS_PW-YwPcxutd_kMruVdpvf8nZ4_C7PW_DyfP4Op-euM5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAJhDwjztPofhb3n5AwAAAAAIAAAAABIABbynJQA-zqJO_P_________HGKDPvJHx____f4OhB8CDD4AHIQAAAA9DkpEFWiv00aGIFKAUYQQAAAAgWkfU-MgknaBiUeX__7_fCsAVAIAAxS-PUsMsuoMSb2EAAAAKxizQw-L3mx12jd_tMv__________Zv7P_KP5OXWlSCP0jGqv5hcQAGDNLyAAABt1AwDwJgBO0AmA1VGI3XA22E0Gs-XsAAAAANz5____1wOSg5nJNHPMTC7PaOQZbEajwWK5sjgmC9tyOFsNt8fQ0H_oQ5b7qU-IsMx-30FBOT09ZpdBVHS9LXaH0-w5iA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7MxCL2QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKY2kxMpsVythbZHJa1aDlyrhWukW2tmDmWM9PGNFl5RmvR62O6uGyGlWvlRYIBeHuRPC3SiW6zspgss81oZdnYRhuTc2PZWGYLk3G4ce1GtslELNGcLNKJ7LJvDmYm08wxM7k8o5FnsBmNBovlyuKYLGzL4Ww13Lc2E5NpsZytRTaHZS1ajpxrhWtkWytmjuXMtDFNVp7RWvT6mC4um2HlWvkbs-VmuJgsV8N9Y7bcDBeT5Wq479AZvqvP2Wj7m1Mel3ply55mN6dB4TJYvN-DRRqddnZGn8twsajGpp1jYhX6_X6_3-_3-_1-78Zs8BgMhp8yKEwps37JS_c9aLwHoyKWCC7SicrkNP0tD5_Zb_G7dY6LWKI0XaQTvejlsfvNfp_T4Zf7TU-P0-GXDCabvWC4l1heHqPDrXmaXm6Fx-82POxGh9308rxlDtPD7Fb7TS6zW2m3-S1vh8fv8rwFL8_n73B67jqj6W22iCWC00U6Eb2Mp4v6jxxksJyrhnPFbDJXLIerBAAAAAAAAABgCSaZbgIAAADgZDC71XK3WqcDGayGg9lquQAk_jZ1AYMAAAAAAADsuk0MTTekAesr1thjD2Vymv6Wh8_st_jdOseVAUi4iTLb7DOCWKvVsgYAACCADQAAIICbbrwJwGLi_v___8cBAAAEkEMPAACAfh8QVcyRK4VeOL-CGGyGq_0DUCHWarW63Vir1QpIIJPJZAL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sg-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 164
date: Mon, 04 Sep 2023 07:36:00 GMT
via: 1.1 varnish
x-served-by: cache-fra-etou8220044-FRA
server: nginx
x-timer: S1693812961.691205,VS0,VE164
x-fastly-to-nlb-rtt: 155742
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v1
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:36:00 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=63abc881-6622-4257-b82d-9cf12807b118
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 239

GET
H2

200

rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame 7BD2
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=taboola
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZPWI4MCo8YQAABUX3pUAAAAA

0
373 B

4ms
3ms

Image
text/plain

141.226.229.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZPWI4MCo8YQAABUX3pUAAAAA
Requested by: Host: sg-match.taboola.com
URL: https://sg-match.taboola.com/sync?dast=V8-vcCLAa4P3ppaxIWrRFwf_TS1iQsWisAAABgYID-AEnMJi7LarJxK2w231q0WY3WCpfJt9ZMFsbBYrLYTEwWIyCJ2cRlWU02boXN5luLNqvRWuEy-daaycI4WEwWm4nJYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG8Ch6XT4XPd6neOuM_stfrvG7_aLXh673-z3OR1-ud_09DgdfslgstkLhnuJ5eUxOtyap-nlVnj8bsPDbnTYTS_PW-YwPcxutd_kMruVdpvf8nZ4_C7PW_DyfP4Op-euM5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAJhDwjztPofhb3n5AwAAAAAIAAAAABIABbynJQA-zqJO_P_________HGKDPvJHx____f4OhB8CDD4AHIQAAAA9DkpEFWiv00aGIFKAUYQQAAAAgWkfU-MgknaBiUeX__7_fCsAVAIAAxS-PUsMsuoMSb2EAAAAKxizQw-L3mx12jd_tMv__________Zv7P_KP5OXWlSCP0jGqv5hcQAGDNLyAAABt1AwDwJgBO0AmA1VGI3XA22E0Gs-XsAAAAANz5____1wOSg5nJNHPMTC7PaOQZbEajwWK5sjgmC9tyOFsNt8fQ0H_oQ5b7qU-IsMx-30FBOT09ZpdBVHS9LXaH0-w5iA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7MxCL2QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKY2kxMpsVythbZHJa1aDlyrhWukW2tmDmWM9PGNFl5RmvR62O6uGyGlWvlRYIBeHuRPC3SiW6zspgss81oZdnYRhuTc2PZWGYLk3G4ce1GtslELNGcLNKJ7LJvDmYm08wxM7k8o5FnsBmNBovlyuKYLGzL4Ww13Lc2E5NpsZytRTaHZS1ajpxrhWtkWytmjuXMtDFNVp7RWvT6mC4um2HlWvkbs-VmuJgsV8N9Y7bcDBeT5Wq479AZvqvP2Wj7m1Mel3ply55mN6dB4TJYvN-DRRqddnZGn8twsajGpp1jYhX6_X6_3-_3-_1-78Zs8BgMhp8yKEwps37JS_c9aLwHoyKWCC7SicrkNP0tD5_Zb_G7dY6LWKI0XaQTvejlsfvNfp_T4Zf7TU-P0-GXDCabvWC4l1heHqPDrXmaXm6Fx-82POxGh9308rxlDtPD7Fb7TS6zW2m3-S1vh8fv8rwFL8_n73B67jqj6W22iCWC00U6Eb2Mp4v6jxxksJyrhnPFbDJXLIerBAAAAAAAAABgCSaZbgIAAADgZDC71XK3WqcDGayGg9lquQAk_jZ1AYMAAAAAAADsuk0MTTekAesr1thjD2Vymv6Wh8_st_jdOseVAUi4iTLb7DOCWKvVsgYAACCADQAAIICbbrwJwGLi_v___8cBAAAEkEMPAACAfh8QVcyRK4VeOL-CGGyGq_0DUCHWarW63Vir1QpIIJPJZAL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.229.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sg-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:36:00 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 2666

Redirect headers

X-SO-Cluster-ID: 0
Date: Mon, 04 Sep 2023 07:36:00 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":0,"gdpr":false,"ipv4":"209.58.162.198","key":"ZPWI4MCo8YQAABUX3pUAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad1009"}
X-SO-Key: ZPWI4MCo8YQAABUX3pUAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad1009
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZPWI4MCo8YQAABUX3pUAAAAA
Cache-Control: private
X-SO-HostName: m-ad1009.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 2
Content-Length: 0
X-SO-LB-Hostname: m-tgng32.dc4p.scaleout.jp
X-SO-IP: 209.58.162.198

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 7BD2
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e?gdpr=0&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-abLOtElE2oQt.6ctefeaSiMQMTkZRllcJFHyag--~A

0
373 B

13ms
5ms

Image
text/plain

141.226.229.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-abLOtElE2oQt.6ctefeaSiMQMTkZRllcJFHyag--~A
Requested by: Host: sg-match.taboola.com
URL: https://sg-match.taboola.com/sync?dast=V8-vcCLAa4P3ppaxIWrRFwf_TS1iQsWisAAABgYID-AEnMJi7LarJxK2w231q0WY3WCpfJt9ZMFsbBYrLYTEwWIyCJ2cRlWU02boXN5luLNqvRWuEy-daaycI4WEwWm4nJYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG8Ch6XT4XPd6neOuM_stfrvG7_aLXh673-z3OR1-ud_09DgdfslgstkLhnuJ5eUxOtyap-nlVnj8bsPDbnTYTS_PW-YwPcxutd_kMruVdpvf8nZ4_C7PW_DyfP4Op-euM5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAJhDwjztPofhb3n5AwAAAAAIAAAAABIABbynJQA-zqJO_P_________HGKDPvJHx____f4OhB8CDD4AHIQAAAA9DkpEFWiv00aGIFKAUYQQAAAAgWkfU-MgknaBiUeX__7_fCsAVAIAAxS-PUsMsuoMSb2EAAAAKxizQw-L3mx12jd_tMv__________Zv7P_KP5OXWlSCP0jGqv5hcQAGDNLyAAABt1AwDwJgBO0AmA1VGI3XA22E0Gs-XsAAAAANz5____1wOSg5nJNHPMTC7PaOQZbEajwWK5sjgmC9tyOFsNt8fQ0H_oQ5b7qU-IsMx-30FBOT09ZpdBVHS9LXaH0-w5iA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7MxCL2QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKY2kxMpsVythbZHJa1aDlyrhWukW2tmDmWM9PGNFl5RmvR62O6uGyGlWvlRYIBeHuRPC3SiW6zspgss81oZdnYRhuTc2PZWGYLk3G4ce1GtslELNGcLNKJ7LJvDmYm08wxM7k8o5FnsBmNBovlyuKYLGzL4Ww13Lc2E5NpsZytRTaHZS1ajpxrhWtkWytmjuXMtDFNVp7RWvT6mC4um2HlWvkbs-VmuJgsV8N9Y7bcDBeT5Wq479AZvqvP2Wj7m1Mel3ply55mN6dB4TJYvN-DRRqddnZGn8twsajGpp1jYhX6_X6_3-_3-_1-78Zs8BgMhp8yKEwps37JS_c9aLwHoyKWCC7SicrkNP0tD5_Zb_G7dY6LWKI0XaQTvejlsfvNfp_T4Zf7TU-P0-GXDCabvWC4l1heHqPDrXmaXm6Fx-82POxGh9308rxlDtPD7Fb7TS6zW2m3-S1vh8fv8rwFL8_n73B67jqj6W22iCWC00U6Eb2Mp4v6jxxksJyrhnPFbDJXLIerBAAAAAAAAABgCSaZbgIAAADgZDC71XK3WqcDGayGg9lquQAk_jZ1AYMAAAAAAADsuk0MTTekAesr1thjD2Vymv6Wh8_st_jdOseVAUi4iTLb7DOCWKvVsgYAACCADQAAIICbbrwJwGLi_v___8cBAAAEkEMPAACAfh8QVcyRK4VeOL-CGGyGq_0DUCHWarW63Vir1QpIIJPJZAL_____AQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.229.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://sg-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:36:00 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 2691

Redirect headers

date: Mon, 04 Sep 2023 07:36:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-abLOtElE2oQt.6ctefeaSiMQMTkZRllcJFHyag--~A
content-length: 0

GET
H3 200 css2
fonts.googleapis.com/ 20 KB
915 B 11ms
10ms Stylesheet
text/css 2404:6800:4003:c03::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230903-6-RELEASE.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c03::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 04 Sep 2023 07:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 07:18:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 04 Sep 2023 07:36:00 GMT

GET
H2 200 spa-detector.20230903-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 256ms
256ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230903-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/editoraglobonetwork/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dabe40043cf1d77cd46fe459fef8ee265b629092db8f8fbf53d5bc8bd0d1dc90

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: CdX3GfECF6DbEcUVjiVTWi0hFMuAhGuy
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 07:36:00 GMT
x-amz-request-id: RMQ01VX5NN9H41P1
age: 68925
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 779
x-amz-id-2: oa4c/nNLxNG6e0ZzUmfyMwZZQ68PPE/nSI2eJRJkopdAgO6y6Z3yJh8W3r4TE7PPfKWX/PFJB5Q=
x-served-by: cache-fra-etou8220044-FRA
last-modified: Sun, 03 Sep 2023 12:27:16 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693812961.691254,VS0,VE0
etag: "044d245b632ada427c290e71627dd688"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 34
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 63134

GET
H2 204 supply-feature
sg-trc-events.taboola.com/editoraglobo-gq/log/3/ 0
506 B 3ms
3ms Image
text/plain 141.226.229.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/editoraglobo-gq/log/3/supply-feature?route=HK:SG:V&tvi2=4948&tvi50=10385&lti=deflated&ri=73ebd2634e2c64cd9c2c26ad88c57d62&sd=v2_90fd4f1fde34d30344019eb12a698658_53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e_1693812958_1693812958_CNawjgYQm_9JGKzJ-vilMSABKAEwwAE4t4gNQOKaEEjXiNcDUP___________wFYAGAAaO2P0J2V_dKnwAFwAQ&ui=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e&pi=/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&wi=-5221464268608348035&pt=text&vi=1693812958380&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=15%3A36%3A00.512&id=605&llvl=2&cv=20230903-6-RELEASE&
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Sep 2023 07:36:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
sg-trc-events.taboola.com/editoraglobo-gq/log/3/ 0
362 B 3ms
3ms Image
text/plain 141.226.229.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/editoraglobo-gq/log/3/supply-feature?route=HK:SG:V&tvi2=4948&tvi50=10385&lti=deflated&ri=73ebd2634e2c64cd9c2c26ad88c57d62&sd=v2_90fd4f1fde34d30344019eb12a698658_53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e_1693812958_1693812958_CNawjgYQm_9JGKzJ-vilMSABKAEwwAE4t4gNQOKaEEjXiNcDUP___________wFYAGAAaO2P0J2V_dKnwAFwAQ&ui=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e&pi=/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&wi=-5221464268608348035&pt=text&vi=1693812958380&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=15%3A36%3A00.516&id=9589&llvl=2&cv=20230903-6-RELEASE&
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Sep 2023 07:36:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
sg-trc-events.taboola.com/editoraglobo-gq/log/3/ 0
362 B 3ms
3ms Image
text/plain 141.226.229.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/editoraglobo-gq/log/3/abtests?route=HK:SG:V&tvi2=4948&tvi50=10385&lti=deflated&ri=73ebd2634e2c64cd9c2c26ad88c57d62&sd=v2_90fd4f1fde34d30344019eb12a698658_53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e_1693812958_1693812958_CNawjgYQm_9JGKzJ-vilMSABKAEwwAE4t4gNQOKaEEjXiNcDUP___________wFYAGAAaO2P0J2V_dKnwAFwAQ&ui=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e&pi=/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&wi=-5221464268608348035&pt=text&vi=1693812958380&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1693812960517%7D&tim=15%3A36%3A00.517&id=729&llvl=2&cv=20230903-6-RELEASE&
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Sep 2023 07:36:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
sg-trc-events.taboola.com/editoraglobo-gq/log/3/ 0
506 B 5ms
5ms Image
text/plain 141.226.229.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/editoraglobo-gq/log/3/supply-feature?route=HK:SG:V&tvi2=4948&tvi50=10385&lti=deflated&ri=73ebd2634e2c64cd9c2c26ad88c57d62&sd=v2_90fd4f1fde34d30344019eb12a698658_53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e_1693812958_1693812958_CNawjgYQm_9JGKzJ-vilMSABKAEwwAE4t4gNQOKaEEjXiNcDUP___________wFYAGAAaO2P0J2V_dKnwAFwAQ&ui=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e&pi=/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&wi=-5221464268608348035&pt=text&vi=1693812958380&d=%7B%22event_type%22%3A%22END_OF_ARTICLE_MEASUREMENT%22%2C%22event_state%22%3A%22REPORTED%22%2C%22event_value%22%3A%22%7B%5C%22distance%5C%22%3A3134.28125%2C%5C%22articleClasses%5C%22%3A%5C%22wall%20protected-content%5C%22%2C%5C%22articleTag%5C%22%3A%5C%22DIV%5C%22%2C%5C%22threshold%5C%22%3A%5C%22700%5C%22%7D%22%7D&tim=15%3A36%3A00.542&id=6605&llvl=2&cv=20230903-6-RELEASE&
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Sep 2023 07:36:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
sg-trc-events.taboola.com/editoraglobo-gq/log/3/ 0
506 B 4ms
3ms Image
text/plain 141.226.229.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sg-trc-events.taboola.com/editoraglobo-gq/log/3/supply-feature?route=HK:SG:V&tvi2=4948&tvi50=10385&lti=deflated&ri=73ebd2634e2c64cd9c2c26ad88c57d62&sd=v2_90fd4f1fde34d30344019eb12a698658_53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e_1693812958_1693812958_CNawjgYQm_9JGKzJ-vilMSABKAEwwAE4t4gNQOKaEEjXiNcDUP___________wFYAGAAaO2P0J2V_dKnwAFwAQ&ui=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e&pi=/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&wi=-5221464268608348035&pt=text&vi=1693812958380&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%223134.28125%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=15%3A36%3A00.547&id=1334&llvl=2&cv=20230903-6-RELEASE&
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Sep 2023 07:36:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ Frame 1E24 1 KB
900 B 58ms
58ms XHR
application/xml 23.200.148.244
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&schain=1.0,1!vidoomy.com,21915,1,,1693812954341,,
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_3bc8d9fc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.148.244 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-148-244.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e28bc60992e5f126a2343cfaac591284be33200ca85754fab71e1fda5ce6e024

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:36:00 GMT
content-encoding: gzip
server: Apache
etag: "23da-5e7fbf52c16e8-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://gq.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 666
expires: Mon, 04 Sep 2023 07:36:00 GMT

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame B65C 159 KB
38 KB 40ms
40ms Script
application/javascript 23.200.148.244
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&schain=1.0,1!vidoomy.com,21915,1,,1693812954341,,
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.148.244 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-148-244.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:36:00 GMT
content-encoding: gzip
last-modified: Tue, 21 Mar 2023 05:15:25 GMT
server: Apache
etag: "27bcd-5f762218e8e3a-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 38303

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame B888 39 KB
15 KB 48ms
47ms Document
text/html 23.200.148.244
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&schain=1.0,1!vidoomy.com,21915,1,,1693812954341,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.148.244 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-148-244.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f50947985c34238f2ffc1dd18026d8f434e7a63e8eb3f75822778218c940ac0c

Request headers

Referer: https://gq.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=172477
content-encoding: gzip
content-length: 14534
content-type: text/html
date: Mon, 04 Sep 2023 07:36:00 GMT
expires: Wed, 06 Sep 2023 07:30:37 GMT
last-modified: Fri, 01 Sep 2023 11:42:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame B65C 39 KB
15 KB 41ms
41ms Script
text/html 23.200.148.244
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&schain=1.0,1!vidoomy.com,21915,1,,1693812954341,,
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.148.244 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-148-244.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f50947985c34238f2ffc1dd18026d8f434e7a63e8eb3f75822778218c940ac0c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:36:00 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 11:42:44 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=172477
accept-ranges: bytes
content-length: 14534
expires: Wed, 06 Sep 2023 07:30:37 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame B888 2 KB
2 KB 4ms
4ms Script
text/html 67.199.150.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=3044864&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.81 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: b62f7ab74f74b11d1d344162e1184473870e4e1d4a02fa94dd189deae310d6fb

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 04 Sep 2023 07:36:00 GMT
content-length: 1997
content-type: text/html; charset=UTF-8

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame BF89
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=15D3647D-BF39-4C17-BA6A-452D2700178D&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=15D3647D-BF39-4C17-BA6A-452D2700178D&gdpr=0&gdpr_consent=

35 B
600 B

36ms
36ms

Document
image/gif

185.84.60.21

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=15D3647D-BF39-4C17-BA6A-452D2700178D&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.21 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Mon, 04 Sep 2023 07:36:01 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Mon, 04 Sep 2023 07:36:01 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=15D3647D-BF39-4C17-BA6A-452D2700178D&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C531
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
95 B

5ms
4ms

Document
image/gif

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 04 Sep 2023 07:36:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Mon, 04 Sep 2023 07:36:00 GMT
expires: Mon, 04 Sep 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 2068200
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame A20E 0
0

GET sync
sync.srv.stackadapt.com/ Frame 10D8 0
0

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 488C
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1rkccrr11ast

42 B
306 B

27ms
27ms

Document
image/gif

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1rkccrr11ast
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 04 Sep 2023 04:48:09 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-cache, no-store
content-length: 0
date: Mon, 04 Sep 2023 07:36:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1rkccrr11ast
lws: 38
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame E7B1 43 B
369 B 69ms
54ms Document
image/gif 35.186.193.173

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 -, , ASN (),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Mon, 04 Sep 2023 07:36:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame D329
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=7ea09bad1a56419084ffc50b4b79c8b5

42 B
382 B

4ms
4ms

Document
image/gif

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=7ea09bad1a56419084ffc50b4b79c8b5
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 04 Sep 2023 07:36:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html;charset=UTF-8
date: Mon, 04 Sep 2023 07:36:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=7ea09bad1a56419084ffc50b4b79c8b5
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
status: 302
via: 1.1 google
x-xss-protection: 1; mode=block

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 8ED3
Redirect Chain

https://gocm.c.appier.net/pubmatic
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=pwVkXUtyC2emUy-F4Yj1ZA

42 B
279 B

4ms
4ms

Document
image/gif

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=pwVkXUtyC2emUy-F4Yj1ZA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 04 Sep 2023 07:36:01 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control: no-store
content-length: 153
content-type: text/html; charset=utf-8
date: Mon, 04 Sep 2023 07:36:01 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=pwVkXUtyC2emUy-F4Yj1ZA
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: nginx

GET

sync
pippio.com/api/ Frame B888
Redirect Chain

https://idsync.rlcdn.com/420486.gif?partner_uid=15D3647D-BF39-4C17-BA6A-452D2700178D
https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDE1RDM2NDdELUJGMzktNEMxNy1CQTZBLTQ1MkQyNzAwMTc4RBAAGg0I4ZHWpwYSBQjoBxAAQgBKAA
https://pippio.com/api/sync?pid=5324&it=1&iv=425a967a70c16aa32a1d6d06d33b7f198f25cc03a4bc7a47acfa89557be3397d791426b5417dce21&_=2

0
0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame B888
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3865059720704164642

42 B
322 B

6ms
5ms

Image
image/gif

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3865059720704164642
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 04 Sep 2023 07:35:59 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3865059720704164642
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame B888
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3168133558669807420&gdpr=0&gdpr_consent=&us_privacy=

1 B
176 B

5ms
5ms

Image
text/html

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3168133558669807420&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 04 Sep 2023 07:36:01 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3168133558669807420&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Mon, 04 Sep 2023 07:36:00 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET

current
pubmatic-match.dotomi.com/match/bounce/ Frame B888
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=15D3647D-BF39-4C17-BA6A-452D2700178D&gdpr=0&gdpr_consent=
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3040eca01acc24c6&is_secure=true&networkId=17100&version=1&nuid=15D3647D-BF39-4C17-BA6A-452D2700178D&gdpr=0&gdpr_consent=

0
0

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame AB61
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=63abc881-6622-4257-b82d-9cf12807b118

0
357 B

329ms
329ms

Image
text/plain

151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=63abc881-6622-4257-b82d-9cf12807b118
Requested by: Host: imprsgmp.taboola.com
URL: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8-vcCLAa4P3ppaxIWrRFwf_TS1iQsWisAAABgYID-AEnMJi7LarJxK2w231q0WY3WCpfJt9ZMFsbBYrLYTEwWIyCJ2cRlWU02boXN5luLNqvRWuEy-daaycI4WEwWm4nJYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG8Ch6XT4XPd6neOuM_stfrvG7_aLXh673-z3OR1-ud_09DgdfslgstkLhnuJ5eUxOtyap-nlVnj8bsPDbnTYTS_PW-YwPcxutd_kMruVdpvf8nZ4_C7PW_DyfP4Op-euM5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAJhDwjztPofhb3n5AwAAAAAIAAAAABIABbynJQA-zqJO_P_________HGKDPvJHx____f4OhB8CDD4AHIQAAAA9DkpEFWiv00aGIFKAUYQQAAAAgWkfU-MgknaBiUeX__7_fCsAVAIAAxS-PUsMsuoMSb2EAAAAKxizQw-L3mx12jd_tMv__________Zv7P_KP5OXWlSCP0jGqv5hcQAGDNLyAAABt1AwDwJgBO0AmA1VGI3XA22E0Gs-XsAAAAANz5____1wOSg5nJNHPMTC7PaOQZbEajwWK5sjgmC9tyOFsNt8fQ0H_oQ5b7qU-IsMx-30FBOT09ZpdBVHS9LXaH0-w5iA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7MxCL2QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKY2kxMpsVythbZHJa1aDlyrhWukW2tmDmWM9PGNFl5RmvR62O6uGyGlWvlRYIBeHuRPC3SiW6zspgss81oZdnYRhuTc2PZWGYLk3G4ce1GtslELNGcLNKJ7LJvDmYm08wxM7k8o5FnsBmNBovlyuKYLGzL4Ww13Lc2E5NpsZytRTaHZS1ajpxrhWtkWytmjuXMtDFNVp7RWvT6mC4um2HlWvkbs-VmuJgsV8N9Y7bcDBeT5Wq479AZvqvP2Wj7m1Mel3ply55mN6dB4TJYvN-DRRqddnZGn8twsajGpp1jYhX6_X6_3-_3-_1-78Zs8BgMhp8yKEwps37JS_c9aLwHoyKWCC7SicrkNP0tD5_Zb_G7dY6LWKI0XaQTvejlsfvNfp_T4Zf7TU-P0-GXDCabvWC4l1heHqPDrXmaXm6Fx-82POxGh9308rxlDtPD7Fb7TS6zW2m3-S1vh8fv8rwFL8_n73B67jqj6W22iCWC00U6Eb2Mp4v6jxxksJyrhnPFbDJXLIerBAAAAAAAAABgCSaZbgIAAADgZDC71XK3WqcDGayGg9lquQAk_jZ1AYMAAAAAAADsuk0MTTekAesr1thjD2Vymv6Wh8_st_jdOseVAUi4iTLb7DOCWKvVsgYAACCADQAAIICbbrwJwGLi_v___8cBAAAEkEMPAACAfh8QVcyRK4VeOL-CGGyGq_0DUCHWarW63Vir1QpIIJPJZAL_____AQ!&cmcv=&pix=undefined&cb=1693812960493&uv=3329&tms=1693812960493&abt=mxrdvp_vB!mxrdvp_vB!nonrv_vA!t45!testmsn_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=16be252c-aff7-4354-aed7-32a801213bdb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imprsgmp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 166
date: Mon, 04 Sep 2023 07:36:01 GMT
via: 1.1 varnish
x-served-by: cache-fra-etou8220044-FRA
server: nginx
x-timer: S1693812961.242381,VS0,VE166
x-fastly-to-nlb-rtt: 160658
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v1
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:36:01 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=63abc881-6622-4257-b82d-9cf12807b118
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 239

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame AB61
Redirect Chain

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtabo...
https://x.bidswitch.net/sync?dsp_id=354&user_id=efd28a24367847c8a0252af837479321&ssp=taboola&bsw_param=528fc541-7a21-468e-865f-9e23c888f546&gdpr=0&consent=&gdpr_pd=&expires=7
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=528fc541-7a21-468e-865f-9e23c888f546&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=

0
373 B

13ms
3ms

Image
text/plain

141.226.229.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=528fc541-7a21-468e-865f-9e23c888f546&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by: Host: imprsgmp.taboola.com
URL: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8-vcCLAa4P3ppaxIWrRFwf_TS1iQsWisAAABgYID-AEnMJi7LarJxK2w231q0WY3WCpfJt9ZMFsbBYrLYTEwWIyCJ2cRlWU02boXN5luLNqvRWuEy-daaycI4WEwWm4nJYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG8Ch6XT4XPd6neOuM_stfrvG7_aLXh673-z3OR1-ud_09DgdfslgstkLhnuJ5eUxOtyap-nlVnj8bsPDbnTYTS_PW-YwPcxutd_kMruVdpvf8nZ4_C7PW_DyfP4Op-euM5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAJhDwjztPofhb3n5AwAAAAAIAAAAABIABbynJQA-zqJO_P_________HGKDPvJHx____f4OhB8CDD4AHIQAAAA9DkpEFWiv00aGIFKAUYQQAAAAgWkfU-MgknaBiUeX__7_fCsAVAIAAxS-PUsMsuoMSb2EAAAAKxizQw-L3mx12jd_tMv__________Zv7P_KP5OXWlSCP0jGqv5hcQAGDNLyAAABt1AwDwJgBO0AmA1VGI3XA22E0Gs-XsAAAAANz5____1wOSg5nJNHPMTC7PaOQZbEajwWK5sjgmC9tyOFsNt8fQ0H_oQ5b7qU-IsMx-30FBOT09ZpdBVHS9LXaH0-w5iA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7MxCL2QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKY2kxMpsVythbZHJa1aDlyrhWukW2tmDmWM9PGNFl5RmvR62O6uGyGlWvlRYIBeHuRPC3SiW6zspgss81oZdnYRhuTc2PZWGYLk3G4ce1GtslELNGcLNKJ7LJvDmYm08wxM7k8o5FnsBmNBovlyuKYLGzL4Ww13Lc2E5NpsZytRTaHZS1ajpxrhWtkWytmjuXMtDFNVp7RWvT6mC4um2HlWvkbs-VmuJgsV8N9Y7bcDBeT5Wq479AZvqvP2Wj7m1Mel3ply55mN6dB4TJYvN-DRRqddnZGn8twsajGpp1jYhX6_X6_3-_3-_1-78Zs8BgMhp8yKEwps37JS_c9aLwHoyKWCC7SicrkNP0tD5_Zb_G7dY6LWKI0XaQTvejlsfvNfp_T4Zf7TU-P0-GXDCabvWC4l1heHqPDrXmaXm6Fx-82POxGh9308rxlDtPD7Fb7TS6zW2m3-S1vh8fv8rwFL8_n73B67jqj6W22iCWC00U6Eb2Mp4v6jxxksJyrhnPFbDJXLIerBAAAAAAAAABgCSaZbgIAAADgZDC71XK3WqcDGayGg9lquQAk_jZ1AYMAAAAAAADsuk0MTTekAesr1thjD2Vymv6Wh8_st_jdOseVAUi4iTLb7DOCWKvVsgYAACCADQAAIICbbrwJwGLi_v___8cBAAAEkEMPAACAfh8QVcyRK4VeOL-CGGyGq_0DUCHWarW63Vir1QpIIJPJZAL_____AQ!&cmcv=&pix=undefined&cb=1693812960493&uv=3329&tms=1693812960493&abt=mxrdvp_vB!mxrdvp_vB!nonrv_vA!t45!testmsn_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=16be252c-aff7-4354-aed7-32a801213bdb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.229.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://imprsgmp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:36:01 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 7761

Redirect headers

Location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=528fc541-7a21-468e-865f-9e23c888f546&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Date: Mon, 04 Sep 2023 07:36:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 5E99 281 B
554 B 139ms
3ms Document
text/html 23.36.254.89

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Requested by: Host: imprsgmp.taboola.com
URL: https://imprsgmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8-vcCLAa4P3ppaxIWrRFwf_TS1iQsWisAAABgYID-AEnMJi7LarJxK2w231q0WY3WCpfJt9ZMFsbBYrLYTEwWIyCJ2cRlWU02boXN5luLNqvRWuEy-daaycI4WEwWm4nJYgUfxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPG8Ch6XT4XPd6neOuM_stfrvG7_aLXh673-z3OR1-ud_09DgdfslgstkLhnuJ5eUxOtyap-nlVnj8bsPDbnTYTS_PW-YwPcxutd_kMruVdpvf8nZ4_C7PW_DyfP4Op-euM5reZjsAAAAAePD___8PAQAAACACAAAAgAQAAAAACgEV_i0IXAAAAADA8P___68BAJhDwjztPofhb3n5AwAAAAAIAAAAABIABbynJQA-zqJO_P_________HGKDPvJHx____f4OhB8CDD4AHIQAAAA9DkpEFWiv00aGIFKAUYQQAAAAgWkfU-MgknaBiUeX__7_fCsAVAIAAxS-PUsMsuoMSb2EAAAAKxizQw-L3mx12jd_tMv__________Zv7P_KP5OXWlSCP0jGqv5hcQAGDNLyAAABt1AwDwJgBO0AmA1VGI3XA22E0Gs-XsAAAAANz5____1wOSg5nJNHPMTC7PaOQZbEajwWK5sjgmC9tyOFsNt8fQ0H_oQ5b7qU-IsMx-30FBOT09ZpdBVHS9LXaH0-w5iA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7MxCL2QBNxGC5nEwWk91qtBpthrvRbLBAAjGYIIoWDSar0WiymAxXo8lqtlzsdhtE0arVbLQZDFezyWy3Ww0Hw-VohCZsMVpNJpvlcLZcTAbD0XA0GiKY2kxMpsVythbZHJa1aDlyrhWukW2tmDmWM9PGNFl5RmvR62O6uGyGlWvlRYIBeHuRPC3SiW6zspgss81oZdnYRhuTc2PZWGYLk3G4ce1GtslELNGcLNKJ7LJvDmYm08wxM7k8o5FnsBmNBovlyuKYLGzL4Ww13Lc2E5NpsZytRTaHZS1ajpxrhWtkWytmjuXMtDFNVp7RWvT6mC4um2HlWvkbs-VmuJgsV8N9Y7bcDBeT5Wq479AZvqvP2Wj7m1Mel3ply55mN6dB4TJYvN-DRRqddnZGn8twsajGpp1jYhX6_X6_3-_3-_1-78Zs8BgMhp8yKEwps37JS_c9aLwHoyKWCC7SicrkNP0tD5_Zb_G7dY6LWKI0XaQTvejlsfvNfp_T4Zf7TU-P0-GXDCabvWC4l1heHqPDrXmaXm6Fx-82POxGh9308rxlDtPD7Fb7TS6zW2m3-S1vh8fv8rwFL8_n73B67jqj6W22iCWC00U6Eb2Mp4v6jxxksJyrhnPFbDJXLIerBAAAAAAAAABgCSaZbgIAAADgZDC71XK3WqcDGayGg9lquQAk_jZ1AYMAAAAAAADsuk0MTTekAesr1thjD2Vymv6Wh8_st_jdOseVAUi4iTLb7DOCWKvVsgYAACCADQAAIICbbrwJwGLi_v___8cBAAAEkEMPAACAfh8QVcyRK4VeOL-CGGyGq_0DUCHWarW63Vir1QpIIJPJZAL_____AQ!&cmcv=&pix=undefined&cb=1693812960493&uv=3329&tms=1693812960493&abt=mxrdvp_vB!mxrdvp_vB!nonrv_vA!t45!testmsn_vB!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=16be252c-aff7-4354-aed7-32a801213bdb&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.254.89 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://imprsgmp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Sep 2023 07:36:01 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5E99 34 KB
10 KB 5ms
4ms Script
text/html 23.36.254.89

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.254.89 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b0d81e328de9e645b6a36c42324259bfe07cdce8cbfc0fd7e4ee442a848034b3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 07:36:01 GMT
Content-Encoding: gzip
Last-Modified: Sun, 03 Sep 2023 13:30:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=21209
Connection: keep-alive
Content-Length: 10124
Expires: Mon, 04 Sep 2023 13:29:30 GMT

GET
H2

200

/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame 5E99
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LM4KHXZC-V-BP7U
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LM4KHXZC-V-BP7U&gdpr=0&us_privacy=1---

0
373 B

4ms
3ms

Image
text/plain

141.226.229.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LM4KHXZC-V-BP7U&gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: H2
Server: 141.226.229.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:36:02 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 9939

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LM4KHXZC-V-BP7U&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ab995a74221271a8dc253760ec78ee1d
Expires: 0

GET
H2

200

rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame BCAD
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=taboola
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZPWI4MCo8YQAABUX3pUAAAAA

0
374 B

3ms
3ms

Image
text/plain

141.226.229.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZPWI4MCo8YQAABUX3pUAAAAA
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Server: 141.226.229.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:36:01 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13080

Redirect headers

Date: Mon, 04 Sep 2023 07:36:01 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":0,"gdpr":false,"ipv4":"209.58.162.198","key":"ZPWI4MCo8YQAABUX3pUAAAAA","privacy_sensitive":false,"uid":"ZPWI4MCo8YQAABUX3pUAAAAA","upstream_id":"m-ad1009"}
X-SO-Key: ZPWI4MCo8YQAABUX3pUAAAAA
X-SO-Upstream-ID: m-ad1009
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: m-ad1009.dc4p.scaleout.jp
X-SO-UID: ZPWI4MCo8YQAABUX3pUAAAAA
Connection: keep-alive
Content-Length: 0
X-SO-IP: 209.58.162.198
X-SO-Cluster-ID: 0
Server: nginx
Location: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZPWI4MCo8YQAABUX3pUAAAAA
Cache-Control: private
X-SO-Ads-Time: 4
X-SO-LB-Hostname: m-tgng32.dc4p.scaleout.jp

GET
H2

204

/
sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/ Frame BCAD
Redirect Chain

https://ih.adscale.de/su?gdpr=1&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__
https://ih.adscale.de/su?gdpr=1&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=d8bdc3959a8949d8a5...
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=d8bdc3959a8949d8a5438bb133afd9d8

0
365 B

4ms
3ms

Image
text/plain

141.226.229.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=d8bdc3959a8949d8a5438bb133afd9d8
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Server: 141.226.229.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:36:02 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 10997

Redirect headers

location: https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=d8bdc3959a8949d8a5438bb133afd9d8
date: Mon, 04 Sep 2023 07:36:02 GMT
content-length: 0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame BCAD 0
0 460ms
4ms Image
text/html 23.106.127.164

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=4
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.164 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H2

200

/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame BCAD
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=16698
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LM4KHXZC-V-BP7U

0
373 B

4ms
4ms

Image
text/plain

141.226.229.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LM4KHXZC-V-BP7U
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Server: 141.226.229.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:36:01 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 6783

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LM4KHXZC-V-BP7U
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 030b4ddd4a4f3e9891a065664f20c4bb
Expires: 0

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame BCAD
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e?gdpr=1&gdpr_consent=&us_privacy=
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-abLOtElE2oQt.6ctefeaSiMQMTkZRllcJFHyag--~A

0
373 B

4ms
3ms

Image
text/plain

141.226.229.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-abLOtElE2oQt.6ctefeaSiMQMTkZRllcJFHyag--~A
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Server: 141.226.229.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:36:01 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 6309

Redirect headers

date: Mon, 04 Sep 2023 07:36:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-abLOtElE2oQt.6ctefeaSiMQMTkZRllcJFHyag--~A
content-length: 0

GET
H2

200

/
sync.taboola.com/sg/baidurtb-network/1/rtb-h/ Frame BCAD
Redirect Chain

https://trace.mediago.io/ju/cs/taboola
https://trace.popin.cc/ju/cs/taboola
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=b08c8ff10c70bb4a37dd9d26d5f0194b

0
374 B

4ms
4ms

Image
text/plain

141.226.229.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=b08c8ff10c70bb4a37dd9d26d5f0194b
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Server: 141.226.229.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:36:02 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12200

Redirect headers

date: Mon, 04 Sep 2023 07:36:02 GMT
via: 1.1 google
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
location: https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=b08c8ff10c70bb4a37dd9d26d5f0194b
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

/
sync.taboola.com/sg/google-network/1/rtb-h/ Frame BCAD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGguzLeydtEr5rnOd988Ers&google_cver=1

0
374 B

3ms
3ms

Image
text/plain

141.226.229.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGguzLeydtEr5rnOd988Ers&google_cver=1
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Server: 141.226.229.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:36:01 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 10777

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:36:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEGguzLeydtEr5rnOd988Ers&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame BCAD 42 B
95 B 10ms
6ms Image
image/gif 67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e:$UID
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 04 Sep 2023 07:36:01 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BCAD
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D1%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=1&gdpr_consent=&google_hm=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e

170 B
188 B

54ms
54ms

Image
image/png

64.233.170.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=1&gdpr_consent=&google_hm=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Server

64.233.170.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:36:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=1&gdpr_consent=&google_hm=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e
date: Mon, 04 Sep 2023 07:36:01 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 7115

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame BCAD
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=63abc881-6622-4257-b82d-9cf12807b118

0
388 B

324ms
323ms

Image
text/plain

151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=63abc881-6622-4257-b82d-9cf12807b118
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-vcl-time-ms: 150
date: Mon, 04 Sep 2023 07:36:01 GMT
via: 1.1 varnish
x-served-by: cache-fra-etou8220044-FRA
server: nginx
x-timer: S1693812961.472543,VS0,VE150
x-fastly-to-nlb-rtt: 159238
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v1
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:36:01 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=63abc881-6622-4257-b82d-9cf12807b118
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 239

GET
H/1.1 204
No Content merge
ce.lijit.com/ Frame BCAD 0
311 B 578ms
192ms Image
text/plain 209.191.163.210

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e&us_privacy=&gdpr=1&gdpr_consent=
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.210 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Mon, 04 Sep 2023 07:36:01 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4sfo1
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame BCAD 49 B
688 B 581ms
192ms Image
image/gif 74.214.196.131

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.214.196.131 -, , ASN (),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: zh-SG
content-type: image/gif;charset=GB2312
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-84886b676f-zmqjz
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame BCAD 43 B
163 B 570ms
3ms Image
image/gif 23.106.127.39

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e&gdpr=1&gdpr_consent=
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.39 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:36:01 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame BCAD 43 B
362 B 9ms
5ms Image
image/gif 182.161.73.146

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&gdpr=1&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.146 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:36:01 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 545755
expires: Mon, 04 Sep 2023 00:00:00 GMT

GET
H/1.1 200 9.gif
id5-sync.com/s/464/ Frame BCAD 43 B
1 KB 498ms
166ms Image
image/gif 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/464/9.gif?puid=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D

Requested by

Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 04 Sep 2023 07:36:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame BCAD 43 B
235 B 89ms
89ms Image
image/gif 35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=taboola&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 07:36:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame BCAD
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f4146a47-297d-479a-9a74-9507f879dc51
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f4146a47-297d-479a-9a74-9507f879dc51&tbid=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e&query=taboola_hm%3Df4146a47-297d-...

0
83 B

358ms
355ms

Image
text/plain

151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f4146a47-297d-479a-9a74-9507f879dc51&tbid=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e&query=taboola_hm%3Df4146a47-297d-479a-9a74-9507f879dc51&isDirect=0
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 04 Sep 2023 07:36:03 GMT
via: 1.1 varnish
server: nginx
x-timer: S1693812964.739197,VS0,VE193
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra-etou8220044-FRA

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f4146a47-297d-479a-9a74-9507f879dc51&tbid=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e&query=taboola_hm%3Df4146a47-297d-479a-9a74-9507f879dc51&isDirect=0
date: Mon, 04 Sep 2023 07:36:03 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 9014

GET
H2 200 sd
u.openx.net/w/1.0/ Frame BCAD 43 B
106 B 11ms
8ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?id=543998486&val=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e&gdpr=1&gdpr_consent=
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:36:01 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 xuid
eb2.3lift.com/ Frame BCAD 37 B
140 B 23ms
10ms Image
image/gif 35.71.178.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7772&xuid=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e&dongle=tbla&gdpr=1&gdpr_consent=&us_privacy=
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.178.8 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:36:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

200

rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame BCAD
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=140
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=omRSH4PIUmF4MKHm3eZuK9E6osY

0
374 B

4ms
3ms

Image
text/plain

141.226.229.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=omRSH4PIUmF4MKHm3eZuK9E6osY
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Server: 141.226.229.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:36:02 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13575

Redirect headers

Location: https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=omRSH4PIUmF4MKHm3eZuK9E6osY
Date: Mon, 04 Sep 2023 07:36:02 GMT
Connection: keep-alive
Content-Length: 119
Content-Type: text/html; charset=utf-8

GET
H2 200 sync
t.adx.opera.com/ Frame BCAD 35 B
466 B 496ms
163ms Image
image/gif 82.145.213.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60151&uid=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:36:02 GMT
server: nginx
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cm
u.openx.net/w/1.0/ Frame BCAD 43 B
75 B 9ms
9ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/cm?gdpr=1&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:36:01 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 166ms
163ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230903-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 07:36:01 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 2983
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-etou8220044-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1693812961.465374,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 42
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 16405

GET
H2 200 eid.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 331ms
329ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230903-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 07:36:01 GMT
x-amz-request-id: AXB48TVMJDNAM2N4
age: 22467
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 6467
x-amz-id-2: b7zQHJfK4QWAGCGQdkiPE/NYuw9ml5U806n4eSZBtDuFhIIlij+/yIbwvs8ktIfKYwcGiAYa9+0=
x-served-by: cache-fra-etou8220044-FRA
last-modified: Sun, 02 Apr 2023 13:09:57 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693812961.465338,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 38
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 57666

GET
H2 200 fraud-detect.js Show response
cdn.taboola.com/scripts/ 121 B
394 B 332ms
330ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/fraud-detect.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230903-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding: gzip
via: 1.1 varnish
date: Mon, 04 Sep 2023 07:36:01 GMT
x-amz-request-id: M4SP5ZB80QM7DHQP
age: 17750
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 125
x-amz-id-2: 27s1ZzL8grOAJHrzyGAagzwa4QLcFiyx8paeutTC1SOQfkmrt1WACjA/9B+yApzfDtcrskytcvQ=
x-served-by: cache-fra-etou8220044-FRA
last-modified: Thu, 15 Dec 2022 16:50:08 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693812961.465462,VS0,VE0
etag: "f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary: Accept-Encoding
content-type: application/javascript
abp: 93
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 46990

GET
H2 200 AdServerServlet Show response
vid.pubmatic.com/AdServer/ Frame B65C 27 B
352 B 16ms
16ms XHR
application/xml 67.199.150.94
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&schain=1.0,1!vidoomy.com,21915,1,,1693812954341,,&us_privacy=&cb=1693812960873&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fgq.globo.com%252Ftecnologia%252Fnoticia%252F2023%252F08%252Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&screenResolution=1600x1200&kdntuid=1&vwndh=150&vwndw=0&vwndurl=https%253A%252F%252Fgq.globo.com%252Ftecnologia%252Fnoticia%252F2023%252F08%252Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&vwndref=&vc=2&js=1&sec=1&kltstamp=2023-9-4%2015:36:1&ranreq=0.6183009045033905&timezone=8&sua_br=[]&sua_mob=0&depth=0
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&schain=1.0,1!vidoomy.com,21915,1,,1693812954341,,
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.94 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:36:01 GMT
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: https://gq.globo.com
content-type: application/xml; charset=utf-8
x-vdbg: 1:0/165:-1
access-control-allow-credentials: true
cache-control: no-store, no-cache, private

GET
H2 200 track
st.pubmatic.com/ Frame B65C 0
49 B 4ms
3ms Image
text/plain 207.65.33.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1693812961&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.33.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Sep 2023 07:36:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 track
st.pubmatic.com/ Frame 1E24 0
49 B 4ms
3ms Image
text/plain 207.65.33.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1693812960&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.33.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Sep 2023 07:36:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 i
vid-io-iad.springserve.com/vd/ Frame 1E24 43 B
206 B 680ms
225ms Image
image/gif 44.210.174.132

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-iad.springserve.com/vd/i?suuid=809c510b&ps_id=715072&event=js_opportunity&time_on_page=4&num_bq_pt=1&num_dt_pt=1&timestamp=1693812961418&ip=209.58.162.198&_disyn=1&ssid=4af0359d-2a32-44f2-89f6-c50ae42c7b60.1693812954341&uuid=809c510b-aba8-49e0-9dd4-51551426d972&url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&did=72247ec3-fa87-f40f-cd90-df76e96cb1ce&_rcc=bs.127163_vp.110514&d=gq.globo.com&w=400&h=225&cc=SG&dtnum=1&ss_region=sin&a_cc=s.715072&d_m=gq.globo.com&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=2788700
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.210.174.132 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 07:36:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 i
vid-io-cle.springserve.com/vd/ Frame 1E24 43 B
206 B 631ms
209ms Image
image/gif 54.148.231.196

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=809c510b&ps_id=715072&event=cm_js_demand_req_resp&a_cc=s.715072-d.455568&dtidx=1&cc_i=0&response_time=63&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=3&timestamp=1693812961418&ip=209.58.162.198&_disyn=1&ssid=4af0359d-2a32-44f2-89f6-c50ae42c7b60.1693812954341&uuid=809c510b-aba8-49e0-9dd4-51551426d972&url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&did=72247ec3-fa87-f40f-cd90-df76e96cb1ce&_rcc=bs.127163_vp.110514&d=gq.globo.com&w=400&h=225&cc=SG&dtnum=1&ss_region=sin&d_m=gq.globo.com&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=3088769
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.231.196 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 07:36:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 i
vid-io-dub.springserve.com/vd/ Frame 1E24 43 B
206 B 771ms
238ms Image
image/gif 52.17.186.143

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=809c510b&ps_id=715072&event=js_demand_opportunity&a_cc=s.715072-d.455568&dtidx=1&cc_i=0&response_time=0&creative_type=JS_VPAID&_t1=3&timestamp=1693812961418&ip=209.58.162.198&_disyn=1&ssid=4af0359d-2a32-44f2-89f6-c50ae42c7b60.1693812954341&uuid=809c510b-aba8-49e0-9dd4-51551426d972&url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&did=72247ec3-fa87-f40f-cd90-df76e96cb1ce&_rcc=bs.127163_vp.110514&d=gq.globo.com&w=400&h=225&cc=SG&dtnum=1&ss_region=sin&d_m=gq.globo.com&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=4493772
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.186.143 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 07:36:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 i
vid-io-cle.springserve.com/vd/ Frame 1E24 43 B
205 B 624ms
210ms Image
image/gif 54.148.231.196

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-cle.springserve.com/vd/i?suuid=809c510b&ps_id=715072&event=js_demand_error&a_cc=s.715072-d.455568&dtidx=1&cc_i=0&response_time=617&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=3&timestamp=1693812961418&ip=209.58.162.198&_disyn=1&ssid=4af0359d-2a32-44f2-89f6-c50ae42c7b60.1693812954341&uuid=809c510b-aba8-49e0-9dd4-51551426d972&url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&did=72247ec3-fa87-f40f-cd90-df76e96cb1ce&_rcc=bs.127163_vp.110514&d=gq.globo.com&w=400&h=225&cc=SG&dtnum=1&ss_region=sin&d_m=gq.globo.com&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=3631972
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.231.196 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 07:36:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H2 200 i
vid-io-iad.springserve.com/vd/ Frame 1E24 43 B
205 B 503ms
226ms Image
image/gif 44.210.174.132

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vid-io-iad.springserve.com/vd/i?suuid=809c510b&ps_id=715072&event=js_supply_error&time_on_page=684&reason=NO_FILL&timeout=false&timestamp=1693812961418&ip=209.58.162.198&_disyn=1&ssid=4af0359d-2a32-44f2-89f6-c50ae42c7b60.1693812954341&uuid=809c510b-aba8-49e0-9dd4-51551426d972&url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&did=72247ec3-fa87-f40f-cd90-df76e96cb1ce&_rcc=bs.127163_vp.110514&d=gq.globo.com&w=400&h=225&cc=SG&dtnum=1&ss_region=sin&a_cc=s.715072&d_m=gq.globo.com&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=4329644
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.210.174.132 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 07:36:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5E99
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=rvyUY90rR9my8bvJCmN0HA&rk=usync-other&gdpr=0
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rvyUY90rR9my8bvJCmN0HA&gdpr=0

43 B
479 B

191ms
190ms

Image
image/gif

52.94.222.140

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rvyUY90rR9my8bvJCmN0HA&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---

Protocol

HTTP/1.1

Server

52.94.222.140 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 07:36:02 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MBYJFPS1RMMPSA3ETZNE
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=rvyUY90rR9my8bvJCmN0HA&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: beb52df1a5a4b2f2cb3f37642c514298
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5E99
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGVkOTM3OGVjZWVkODgxNWQ4MDcwMTRmMmVjZTBlMjI0ZWY4YzkyYw&gdpr=0&us_privacy=1---

170 B
188 B

62ms
61ms

Image
image/png

64.233.170.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGVkOTM3OGVjZWVkODgxNWQ4MDcwMTRmMmVjZTBlMjI0ZWY4YzkyYw&gdpr=0&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---

Protocol

Server

64.233.170.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:36:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGVkOTM3OGVjZWVkODgxNWQ4MDcwMTRmMmVjZTBlMjI0ZWY4YzkyYw&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 5E99
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM4KHXZC-V-BP7U&gdpr=0&us_privacy=1---

0
732 B

197ms
183ms

Image
text/plain

2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM4KHXZC-V-BP7U&gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: H2
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:36:01 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: D4E21B81247143D39F958CC43C00B564 Ref B: SIN30EDGE0711 Ref C: 2023-09-04T07:36:01Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYEg4/mPU1Xjw+D6Ll9JQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM4KHXZC-V-BP7U&gdpr=0&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6690dc791bf02dde8c4051a04cfd7bb8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 5E99
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=w-iqD6xERea0QcyZD6mIlw&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=w-iqD6xERea0QcyZD6mIlw&gdpr=0

43 B
479 B

256ms
256ms

Image
image/gif

52.46.128.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=w-iqD6xERea0QcyZD6mIlw&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---

Protocol

HTTP/1.1

Server

52.46.128.147 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 07:36:02 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HVTP79NPV60H71KSKWZ1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=w-iqD6xERea0QcyZD6mIlw&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 94869a3d6d62a785bc2a9351b08a70bb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 5E99
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEL0TXwTBG29n_TqZVBTkkTw&google_cver=1

42 B
732 B

7ms
6ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEL0TXwTBG29n_TqZVBTkkTw&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 0d2bd05215470efb17ae41aff76c3f98
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:36:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEL0TXwTBG29n_TqZVBTkkTw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5E99
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE00S0hYWkMtVi1CUDdV&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEGmBxIMYXPTC_AaQAxVKwr4&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE00S0hYWkMtVi1CUDdV&google_push=&gdpr=0

170 B
188 B

55ms
54ms

Image
image/png

64.233.170.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE00S0hYWkMtVi1CUDdV&google_push=&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---

Protocol

Server

64.233.170.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:36:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE00S0hYWkMtVi1CUDdV&google_push=&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: dedf7fc216a5bbc739a54325e875a79f
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 5E99
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/bWOVPFQNn0tC5-vvLxitRw?csrc=&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-PKanEQxE2oLeVVVUjek5adaWvvieQcD7z2civA--~A

42 B
740 B

6ms
5ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-PKanEQxE2oLeVVVUjek5adaWvvieQcD7z2civA--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 550b0c1400f70e56269f7c1848fb3166
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Mon, 04 Sep 2023 07:36:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-PKanEQxE2oLeVVVUjek5adaWvvieQcD7z2civA--~A
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 5E99
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=63abc881-6622-4257-b82d-9cf12807b118&gdpr=0&gdpr_consent=&expires=30

42 B
732 B

5ms
5ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=63abc881-6622-4257-b82d-9cf12807b118&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 550b0c1400f70e56269f7c1848fb3166
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:36:01 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=63abc881-6622-4257-b82d-9cf12807b118&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H2 200 track
st.pubmatic.com/ 0
49 B 4ms
3ms Image
text/plain 207.65.33.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1693812954&wa=0&e=96&ier=402&vadsId=[ADSERVINGID]
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.33.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 04 Sep 2023 07:36:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 / Show response
pips.taboola.com/ 4 B
139 B 516ms
512ms XHR
text/plain 151.101.193.44

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 -, , ASN (),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230064-FRA
date: Mon, 04 Sep 2023 07:36:01 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://gq.globo.com
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
713 B 163ms
163ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: gq.globo.com
URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Mon, 04 Sep 2023 07:36:01 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 4121
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-etou8220044-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1693812962.638089,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 5
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 2963

POST
H2 204 perf Show response
sg-trc-events.taboola.com/editoraglobo-gq/log/3/ 0
520 B 5ms
5ms XHR
text/plain 141.226.229.48

General

Check archive.org

Show headers Download Go to

Full URL: https://sg-trc-events.taboola.com/editoraglobo-gq/log/3/perf?tvi2=4948&tvi50=10385&route=HK%3ASG%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230903-6-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://gq.globo.com
pragma: no-cache
date: Mon, 04 Sep 2023 07:36:01 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 756ms
249ms XHR
text/plain 141.226.224.32

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=53bd4196-dfa2-49d9-a5d6-1f19f4c42e34-tuctbef0e5e&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 04 Sep 2023 07:36:02 GMT
cache-control: no-store
server: nginx

POST
H2 200 e Show response
aws.vidoomy.com/api/adserver/tracking/ 20 B
264 B 162ms
158ms XHR
application/json 54.93.143.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aws.vidoomy.com/api/adserver/tracking/e?event=AdError&format=1&id=52&domain=globo.com&u=396421bb-e8c3-445c-8f9a-7e9a25886d15&zoneId=21485&execution=&duration=&requestStatus=success-with-credentials&requestSize=2066&cStringStatus=not-found&viewabilityMethod=INTERSECTIONOBSERVER&r=&loop=0&pversion=1.3.1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.143.127 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-143-127.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:36:02 GMT
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type: application/json
access-control-allow-origin: https://gq.globo.com
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 20

GET
H/1.1 204
No Content rtb Show response
a.vidoomy.com/api/rtbserver/ 0
362 B 182ms
177ms XHR
text/plain 212.36.83.246
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=716542&w=400&h=225&skip=1&req_type=1&ip=209.58.162.198&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.140%20Safari%2F537.36&l=en-US&dt=2&c=SG&pid=21915&sid=21485&sname=gq.globo.com_21485&d=globo.com&sp=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&coppa=&gdpr=0&gdprcs=&vpaid=1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.246 Terrassa, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb2.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 07:36:02 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://gq.globo.com
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H3 200 av Show response
vidoomy-d.openx.net/v/1.0/ 48 B
78 B 20ms
15ms XHR
text/xml 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?auid=559614560&url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&cb=789270&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C&gdpr=0&gdpr_consent=
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:36:02 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept-Encoding
content-type: text/xml
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://gq.globo.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 0
396 B 48ms
40ms XHR
application/xml 42.99.140.208
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=33730156&_fw_us_privacy=&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.208 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-208.pacnet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
x-sticky-debug: Request blocked, limitation reached
Date: Mon, 04 Sep 2023 07:36:02 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://gq.globo.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Mon, 04 Sep 2023 07:36:02 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
741 B 217ms
205ms XHR
text/xml 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml

Requested by

Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:36:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/xml
access-control-allow-origin: https://gq.globo.com
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 tag Show response
4cywq-eqnre.ads.tremorhub.com/ad/ 119 B
487 B 186ms
174ms XHR
text/xml 2406:da18:9ea:6f16:8c2c:996a:e419:ba1e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-vgm1t&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&gdpr=0&gdpr_consent=&cb=584428&schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da18:9ea:6f16:8c2c:996a:e419:ba1e , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:36:02 GMT
content-encoding: gzip
server: nginx
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://gq.globo.com
content-type: text/xml;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ 28 B
306 B 77ms
65ms XHR
application/xml 18.138.108.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473012&zone_id=2804598&size_id=275&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=250&p_aso.video.mimes=video/3gpp,video/mp4,video/webm,video/x-flv&p_aso.video.playbackmethod=2&rp_schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C&gdpr=0&gdpr_consent=
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.138.108.233 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-138-108-233.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.21.4 /
Resource Hash: 460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Wed, 17 Sep 1975 21:32:10 GMT
pragma: no-cache
date: Mon, 04 Sep 2023 07:36:02 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://gq.globo.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 28
x-http2-stream-id: 569133

GET
H3 200 av Show response
vidoomy-d.openx.net/v/1.0/ 48 B
78 B 23ms
14ms XHR
text/xml 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&cb=914877&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C&gdpr=0&gdpr_consent=
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:36:02 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept-Encoding
content-type: text/xml
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://gq.globo.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 1 KB
875 B 96ms
85ms XHR
application/xml 23.200.148.244
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&cb=433227
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.148.244 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-148-244.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 404e669274ccd79a0b7f0b4128c3828ce995f2ff7ab66b1e1ae6027a2f2bf61b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:36:02 GMT
content-encoding: gzip
server: Apache
etag: "23da-5e7fbf52c16e8-gzip"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://gq.globo.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 641
expires: Mon, 04 Sep 2023 07:36:02 GMT

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ 28 B
306 B 91ms
80ms XHR
application/xml 18.138.108.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=416676&zone_id=2350390&size_id=201&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=30&p_aso.video.playbackmethod=2&p_aso.video.api=2&gdpr=&gdpr_consent=&rp_schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C&tg_c.language=es&width=400&height=225
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.138.108.233 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-138-108-233.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.21.4 /
Resource Hash: 460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Wed, 17 Sep 1975 21:32:10 GMT
pragma: no-cache
date: Mon, 04 Sep 2023 07:36:02 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://gq.globo.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 28
x-http2-stream-id: 178585

GET
H/1.1 204
No Content swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 0
396 B 74ms
66ms XHR
application/xml 42.99.140.208
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.208 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-208.pacnet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
x-sticky-debug: Request blocked, limitation reached
Date: Mon, 04 Sep 2023 07:36:02 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://gq.globo.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Mon, 04 Sep 2023 07:36:02 GMT

GET
H/1.1 204
No Content swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ 0
396 B 59ms
48ms XHR
application/xml 42.99.140.208
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=33730156&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=&playerSize=400x225&loc=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.208 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-208.pacnet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
x-sticky-debug: Request blocked, limitation reached
Date: Mon, 04 Sep 2023 07:36:02 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://gq.globo.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Mon, 04 Sep 2023 07:36:02 GMT

GET
H/1.1 200
OK 33730154 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 709 B
1 KB 88ms
41ms XHR
application/xml 42.99.140.208
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/33730154?supportsJavascript=true&supportsFlash=true
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.208 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-208.pacnet.net
Software: nginx /
Resource Hash: 6d0b2dd6a286dbb2738912806a31ea3ab9f7e956cae9e7c8f36d87c4239100b2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 07:36:02 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://gq.globo.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 709
x-sticky-vk: 1693812962505053-10
Expires: Mon, 04 Sep 2023 07:36:02 GMT

GET
H/1.1 200
OK 7585793 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 800 B
1 KB 104ms
44ms XHR
application/xml 42.99.140.208
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C&_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.208 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-208.pacnet.net
Software: nginx /
Resource Hash: 6c60ada28445e7586a769a2d8b030b422212a008044952eb0ab34297de7c65cf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Sep 2023 07:36:02 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://gq.globo.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 800
x-sticky-vk: 1693812962520066-46
Expires: Mon, 04 Sep 2023 07:36:02 GMT

GET
H2 200 tag Show response
4cywq-eqnre.ads.tremorhub.com/ad/ 119 B
487 B 563ms
555ms XHR
text/xml 2406:da18:9ea:6f16:8c2c:996a:e419:ba1e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&gdpr=0&gdpr_consent=&cb=735737&schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da18:9ea:6f16:8c2c:996a:e419:ba1e , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:36:02 GMT
content-encoding: gzip
server: nginx
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://gq.globo.com
content-type: text/xml;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ 28 B
305 B 193ms
185ms XHR
application/xml 18.138.108.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=473012&zone_id=2804598&size_id=203&p_aso.video.protocols=2,5,3,6,7,8,11,12&p_aso.video.maxduration=250&p_aso.video.mimes=application/javascript,video/3gpp,video/mp4,video/webm,video/x-flv&p_aso.video.playbackmethod=2&p_aso.video.api=2,7,8,9&rp_schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C&gdpr=0&gdpr_consent=
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.138.108.233 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-138-108-233.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.21.4 /
Resource Hash: d06c733ba42b81cd66c7fcaabc75b51c59292cdbccdcfb6a88bf2b57d262047b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Wed, 17 Sep 1975 21:32:10 GMT
pragma: no-cache
date: Mon, 04 Sep 2023 07:36:02 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://gq.globo.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 28
x-http2-stream-id: 50625

GET
H2 200 vast.xml Show response
optimized-by.rubiconproject.com/a/api/ 28 B
306 B 109ms
102ms XHR
application/xml 18.138.108.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=416676&zone_id=2350390&size_id=201&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=30&p_aso.video.playbackmethod=2&p_aso.video.api=2&gdpr=0&gdpr_consent=&rp_schain=1.0%2C1%21vidoomy.com%2C21915%2C1%2C%2C&tg_c.language=en-US&width=400&height=225
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.138.108.233 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-138-108-233.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.21.4 /
Resource Hash: 460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires: Wed, 17 Sep 1975 21:32:10 GMT
pragma: no-cache
date: Mon, 04 Sep 2023 07:36:02 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://gq.globo.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 28
x-http2-stream-id: 569127

POST
H2 404 gq
horizon-track.globo.com/event/ 0
0 229ms
228ms Ping
text/html 35.211.79.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://horizon-track.globo.com/event/gq
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_b002e0039b9f46a5a4a94ff667d31e2d/assets/dist/d2bdc2678d18edab60e99f79608e5acb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.211.79.33 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 33.79.211.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryHJBLIHEQWUFTvf9c

Response headers

GET
H/1.1 204
No Content rtb Show response
a.vidoomy.com/api/rtbserver/ 0
362 B 514ms
177ms Fetch
text/plain 212.36.83.246
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/rtb?id=716542&w=400&h=225&skip=1&req_type=1&ip=209.58.162.198&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.140%20Safari%2F537.36&l=en-US&dt=2&c=SG&pid=21915&sid=21485&sname=gq.globo.com_21485&d=globo.com&sp=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&coppa=&gdpr=0&gdprcs=&vpaid=1
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.246 Terrassa, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb2.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Mon, 04 Sep 2023 07:36:03 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://gq.globo.com
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

POST
H2 200 editoraglobo
horizon-track.globo.com/event/ 0
362 B 228ms
227ms Ping
text/plain 35.211.79.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://horizon-track.globo.com/event/editoraglobo
Requested by: Host: s3.glbimg.com
URL: https://s3.glbimg.com/v1/AUTH_da787d4f4e8d46e3ad76d5fa568fe786/horizon-client/horizon-common-hit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.211.79.33 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 33.79.211.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gq.globo.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryc3ySXAweUTNHNyU7

Response headers

date: Mon, 04 Sep 2023 07:36:03 GMT
x-served-from: hzt-tsuru
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gq.globo.com
access-control-allow-credentials: true
access-control-allow-headers: user,User-Agent,Content-Type,GLBID,GLBUID,GST
content-length: 0

GET
H2 200 PMAdMgr.js Show response
vpaid.pubmatic.com/ads/video/ Frame B33F 159 KB
38 KB 41ms
41ms Script
application/javascript 23.200.148.244
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&cb=433227
Requested by: Host: vpaid.vidoomy.com
URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.148.244 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-148-244.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:36:04 GMT
content-encoding: gzip
last-modified: Tue, 21 Mar 2023 05:15:25 GMT
server: Apache
etag: "27bcd-5f762218e8e3a-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
content-length: 38303

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 0D49 39 KB
15 KB 41ms
41ms Document
text/html 23.200.148.244
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&cb=433227
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.148.244 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-148-244.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f50947985c34238f2ffc1dd18026d8f434e7a63e8eb3f75822778218c940ac0c

Request headers

Referer: https://gq.globo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=172473
content-encoding: gzip
content-length: 14534
content-type: text/html
date: Mon, 04 Sep 2023 07:36:04 GMT
expires: Wed, 06 Sep 2023 07:30:37 GMT
last-modified: Fri, 01 Sep 2023 11:42:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame B33F 39 KB
15 KB 48ms
47ms Script
text/html 23.200.148.244
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by: Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0=&gdpr_consent=&kadpageurl=https%3A%2F%2Fgq.globo.com%2Ftecnologia%2Fnoticia%2F2023%2F08%2Fbrecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml&cb=433227
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.200.148.244 Kowloon, Hong Kong, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-148-244.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f50947985c34238f2ffc1dd18026d8f434e7a63e8eb3f75822778218c940ac0c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://gq.globo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 07:36:04 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 11:42:44 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=172473
accept-ranges: bytes
content-length: 14534
expires: Wed, 06 Sep 2023 07:30:37 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 0D49 2 KB
2 KB 4ms
4ms Script
text/html 67.199.150.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=40938039&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.81 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: f8ec0b36e70cded8f6a4e33959341e2ae887aa802a6c9a59ab692f6cd3012f40

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 04 Sep 2023 07:36:04 GMT
content-length: 1607
content-type: text/html; charset=UTF-8

GET send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame A2DA 0
0

GET sync
t.adx.opera.com/pub/ Frame 0F92 0
0

GET pxd
dps.jp.cinarra.com/ Frame 130F 0
0

GET bridge
cm.adgrx.com/ Frame D201 0
0

GET i.match
a.tribalfusion.com/ Frame 1D6B 0
0

GET 141
match.deepintent.com/usersync/ Frame EF88 0
0

GET cookiesync
core.iprom.net/ Frame FF05 0
0

GET /
csync.loopme.me/ Frame 8B5D 0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 9D31
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:8w2sC0I21QD47W5&gdpr=0&gdpr_consent=

42 B
298 B

4ms
4ms

Document
image/gif

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:8w2sC0I21QD47W5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 04 Sep 2023 07:36:04 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Mon, 04 Sep 2023 07:36:04 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:8w2sC0I21QD47W5&gdpr=0&gdpr_consent=
Pragma: no-cache
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-09d5f3eb327961841@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 0D49
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7147641075961760124

42 B
95 B

7ms
7ms

Image
image/gif

67.199.150.86
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7147641075961760124
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol: H2
Server: 67.199.150.86 , Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 04 Sep 2023 07:36:04 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 04 Sep 2023 07:36:04 GMT
an-x-request-uuid: 7baacbb8-4909-4c6e-88cf-b89ee401b095
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7147641075961760124
x-proxy-origin: 209.58.162.198; 209.58.162.198; 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: globo-mab.globo.com
URL: https://globo-mab.globo.com/mab/bastian-advwblt-r5:gq:desktop:multicontent:ep/chooseAndIncrement

Domain: globo-mab.globo.com
URL: https://globo-mab.globo.com/mab/bastian-advwblt-r5:gq:desktop:multicontent:dinamico/chooseAndIncrement

Domain: uipglob.semasio.net
URL: https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=15D3647D-BF39-4C17-BA6A-452D2700178D&sInitiator=external&gdpr=0&gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-registering?userId=AAH-xE7J6xIAACZMnHlPOA&dataProviderId=817&gdpr=0

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=

Domain: pippio.com
URL: https://pippio.com/api/sync?pid=5324&it=1&iv=425a967a70c16aa32a1d6d06d33b7f198f25cc03a4bc7a47acfa89557be3397d791426b5417dce21&_=2

Domain: pubmatic-match.dotomi.com
URL: https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=3040eca01acc24c6&is_secure=true&networkId=17100&version=1&nuid=15D3647D-BF39-4C17-BA6A-452D2700178D&gdpr=0&gdpr_consent=

Domain: sync-dsp.ad-m.asia
URL: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D

Domain: t.adx.opera.com
URL: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912

Domain: dps.jp.cinarra.com
URL: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=15D3647D-BF39-4C17-BA6A-452D2700178D

Domain: cm.adgrx.com
URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=

Domain: a.tribalfusion.com
URL: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Domain: match.deepintent.com
URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=

Domain: core.iprom.net
URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}

Verdicts & Comments Add Verdict or Comment

436 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

105 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gq.globo.com/tecnologia/noticia/2023/08	1970-01-20 14:30:14	Name: _gada_ses.04d1 Value: *
gq.globo.com/tecnologia/noticia/2023/08	1970-01-21 00:06:12	Name: _gada_id.04d1 Value: 39196fbd-c194-4b4c-989b-8fa16736b771.1693812951.1.1693812951.1693812951.13dec34d-8c77-44ef-92d9-dc9394ba9a6d
gq.globo.com/tecnologia/noticia/2023/08	1970-01-20 14:31:39	Name: privAu Value: 0
id.globo.com/auth/realms/globo.com/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID Value: ffde8fd6-b1a9-41fb-87f6-7148f1f986c9.mig-rhsso-cache-prod-mhsl
id.globo.com/auth/realms/globo.com/	1969-12-31 23:59:59	Name: AUTH_SESSION_ID_LEGACY Value: ffde8fd6-b1a9-41fb-87f6-7148f1f986c9.mig-rhsso-cache-prod-mhsl
.scorecardresearch.com/	1970-01-21 00:06:12	Name: UID Value: 175665ec2ea22f1ec67e8131693812949
.criteo.com/	1970-01-20 23:51:48	Name: uid Value: acfe6e08-8a2f-4d71-b7d2-9758d1abf7fb
.openx.net/	1970-01-20 23:15:48	Name: i Value: ce064cc6-b6c9-4254-9e80-8ac5072900d6\|1693812950
.globo.com/	1970-01-20 23:51:48	Name: cto_bundle Value: x5urEV9wUkRYYmkwZzBSVCUyRkZ1NyUyQkI0eVllOHNqUHV3S25GRmNrbFpZM2ZBSmhQQVdNZDB0YkNxa1pScG1OWDZDa0VHUWpHNzVuOURMOEhPdVZhWEhsWWEzZSUyQmtXS09KQzVCYmRJWWNZTGNKSmlORyUyRkxKdExrMld4JTJCV0Z4bXBqNVNxNTJmcXFRdFh1cEtsWVhkTWVvMDhTVzJnJTNEJTNE
.doubleclick.net/	1970-01-21 00:06:12	Name: IDE Value: AHWqTUlDDZKZnmUs3lUj66wTBjM_VzBUn6jg35YgMGuG6gUjuA1paF2pUjCzB4M69zs
.globo.com/	1970-01-20 14:30:12	Name: lotame_domain_check Value: globo.com
.openx.net/	1970-01-20 14:51:48	Name: pd Value: v2\|1693812950\|jElYiuvOhI
.doubleclick.net/	1970-01-20 14:30:13	Name: test_cookie Value: CheckForPermission
.crwdcntrl.net/	1970-01-20 20:58:59	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 20:58:59	Name: _cc_id Value: 9733ca360df7662adf6d203a841242a4
.globo.com/	1970-01-20 20:59:00	Name: _cc_id Value: 9733ca360df7662adf6d203a841242a4
.globo.com/	1970-01-20 14:40:17	Name: panoramaId_expiry Value: 1694417750721
.globo.com/	1970-01-20 14:40:17	Name: panoramaId Value: 3365663ec0beac59c0e6e5da720a16d53938fcaad5c259d70b4b842ee5bbddcb
.globo.com/	1970-01-20 14:40:17	Name: panoramaIdType Value: panoIndiv
.adsrvr.org/	1970-01-20 23:17:15	Name: TDID Value: 63abc881-6622-4257-b82d-9cf12807b118
.openx.net/	1970-01-20 14:51:48	Name: univ_id Value: 537072971\|63abc881-6622-4257-b82d-9cf12807b118\|1693812950773133
.globo.com/	1970-01-20 23:51:48	Name: __gads Value: ID=f3d28c06b9898686:T=1693812950:RT=1693812950:S=ALNI_MbfqVk67WZ-9R8Kp_hAXLZl5TS0Ng
.globo.com/	1970-01-20 23:51:48	Name: __gpi Value: UID=00000c3b429716ed:T=1693812950:RT=1693812950:S=ALNI_MYTEzGkRbqCWD6mUe-MY7A6Ya7Cwg
.globo.com/	1970-01-20 23:16:09	Name: kppid Value: 818712021714011611130
.globo.com/	1970-01-20 14:30:14	Name: hsid Value: 3094e4fe-756d-4626-ab27-6d5a4dcc2242
.socdm.com/	1970-01-21 00:06:12	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNjkzODEyOTUwfQ
.doubleclick.net/	1970-01-20 18:49:24	Name: APC Value: AfxxVi5lQ6Hln2sm2XK0HMCvmTsj32nEF64JyFBZHpF9FsWKkzJHpg
.globo.com/	1969-12-31 23:59:59	Name: GLBEXP Value: AsquOZ7lOicfhunBH4coW+qD2qv5ERcmDEGRwNT3IbkGzzD+EZS5U4mRkWsmmM/1
cdn.taboola.com/	1970-01-20 14:30:23	Name: abLdr Value: 23
.ladsp.com/	1970-01-20 14:30:16	Name: cr Value: 1
gq.globo.com/	1970-01-20 15:13:24	Name: _pbjs_userid_consent_data Value: 3524755945110770
.globo.com/	1970-01-20 15:13:24	Name: pbjs_sharedId Value: d60badf4-4f14-4d9e-9570-33944ca7b066
.rubiconproject.com/	1970-01-20 23:15:48	Name: khaos Value: LM4KHXZC-V-BP7U
.rubiconproject.com/	1970-01-20 23:15:48	Name: audit Value: 1\|UoylroWAXbwvsYHQswFNCw7shD3y4nqpXeP0o29vf0SJl7/YsOb2JStjcSK4hMWOgjv5Tb3S7ZBCqQ3+tQhlLHMDvubSxZCGXj6Gz0cmwXG9bLO2r+CnMe+mghnxd5oLKQwvqikbQ8ZsRXFuD1ir9Q==
gq.globo.com/	1970-01-20 14:31:39	Name: vido_visitor_id Value: 6abd56886c9ae29719444a877d576beb
.ladsp.com/	1970-01-21 00:06:12	Name: smn_uid Value: Oqsn95AKddc2rqVNtvQjsA-yJgxYlIM
.ladsp.com/	1970-01-21 00:06:12	Name: lum Value: CIOU-vilMRIFCAMQ0AU
.bidswitch.net/	1970-01-20 23:15:48	Name: tuuid Value: 528fc541-7a21-468e-865f-9e23c888f546
.bidswitch.net/	1970-01-20 23:15:48	Name: c Value: 1693812951
.bidswitch.net/	1970-01-20 23:15:48	Name: tuuid_lu Value: 1693812951
.quantserve.com/	1970-01-21 00:00:27	Name: mc Value: 64f588d7-d00b8-0de61-49d41
.globo.com/	1970-01-20 23:54:41	Name: __qca Value: P0-1531790446-1693812951381
.vidoomy.com/	1970-01-20 23:15:48	Name: vidoomy-uids Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6IjUyOGZjNTQxLTdhMjEtNDY4ZS04NjVmLTllMjNjODg4ZjU0NiIsImV4cGlyZXMiOjE2OTY0MDQ5NTJ9fX0=
.globo.com/	1970-01-21 00:06:12	Name: _ga_1ZN2PMPQGQ Value: GS1.1.1693812952.1.0.1693812952.0.0.0
.globo.com/	1970-01-20 15:13:24	Name: _pc_randomCookieForPiano Value: cookieA
.globo.com/	1970-01-20 23:59:00	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIBYB2AVgDYAjDy4AmQVz4AOESIEc%2BAThABfIA
.globo.com/	1970-01-20 23:59:00	Name: _pcid Value: %7B%22browserId%22%3A%22lm4khyz3vqssgkdu%22%7D
.globo.com/	1970-01-20 23:59:00	Name: _pcus Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
.piano.io/	1970-01-20 14:30:14	Name: __cf_bm Value: Lx7xVGlGafF2LFp8AQDId5FMMT5vL4pD6C5FIEw.faU-1693812953-0-AVUyG9qVlDObaFkvLN6X3ICzwzGHVMiisEeeuSc45Y9jHd4g+r4X7ej1kLDAB4srkJ96Y8I8AA8N2DyaOJHJzGU=
.globo.com/	1970-01-21 00:06:12	Name: __tbc Value: %7Bkpex%7DMUsXW-9vX0qoTmtkJBnzMZjuIPIcRCkch5bd1eQl09TOfe97V6sqLXT1dCNQV9W9
.globo.com/	1970-01-20 15:13:24	Name: __pat Value: -10800000
.globo.com/	1970-01-20 14:31:39	Name: __pvi Value: eyJpZCI6InYtbG00a2h5emE5a2kyMHN3aiIsImRvbWFpbiI6Ii5nbG9iby5jb20iLCJ0aW1lIjoxNjkzODEyOTUzMjE1fQ%3D%3D
.globo.com/	1970-01-21 00:06:12	Name: xbc Value: %7Bkpex%7DxICHj1gd_SuCQNp1XWkA0U_DKJganTbMUPYJng_0ybjaFw85S5Bq_ztgBENf4ztcLMAdI8ftechrIs1I8nABzEsdAkG4aXJ6_Z0CbA8j15KvfUKGnZFVmOTxfeVdODQTeRrBbNhC79VXikGLL4Ji3si_JRhXrc-JplcJtLYnyJ-bvBneONu1NJaWWhKiTe1og6BFVYjxk8pc1_IYQm81K5L0srEVn45GFyHCORxYNUf4_Wo4HjdJhQbdDHi0ONfFNldjep9I6_15RZ3hfHvl-AH8F4KjUjqq27eTZg1VnwU
.globo.com/	1970-01-20 23:59:00	Name: cX_P Value: lm4khyz3vqssgkdu
.globo.com/	1970-01-20 23:15:48	Name: nav13574 Value: 13449a5ff8f88e73517dd77f7910\|2_248
.navdmp.com/	1970-01-21 00:06:12	Name: nid Value: 13449a417237df6a8e0be2339610\|0\|274
.globo.com/	1970-01-20 23:15:48	Name: nav46169 Value: 13449a4172354427be86a13da410\|2_248
.globo.com/	1970-01-20 14:30:16	Name: AMP_TOKEN Value: %24NOT_FOUND
.globo.com/	1970-01-21 00:06:12	Name: _ga Value: GA1.2.1120136905.1693812950
.globo.com/	1970-01-20 14:31:39	Name: _gid Value: GA1.2.416500413.1693812953
.globo.com/	1970-01-20 14:30:13	Name: _dc_gtm_UA-21942769-1 Value: 1
gq.globo.com/	1970-01-20 14:30:13	Name: __adblocker Value: false
.globo.com/	1970-01-20 18:52:17	Name: permutive-id Value: 2112858a-ddd4-4263-8de5-74b0cfa84727
.tinypass.com/	1970-01-21 00:06:12	Name: LANG Value: en_US
.globo.com/	1970-01-20 23:08:26	Name: glb_uid Value: "U9zeWijpuxgvTn6tbQ69ge5e_FCdJol6kxZVARaDRhg="
cocoon.globo.com/	1969-12-31 23:59:59	Name: GCLB Value: "f34ba6aef33dcb86"
.d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co/	1970-01-20 16:41:15	Name: pxid Value: 51fd33b2-4080-4bf2-b439-a39442e39f00
.tinypass.com/	1970-01-20 14:31:39	Name: LANG_CHANGED Value: en_US
.krxd.net/	1970-01-20 18:49:24	Name: _kuid_ Value: PxoXdwtm
.springserve.com/	1970-01-20 15:10:32	Name: ssid Value: 4af0359d-2a32-44f2-89f6-c50ae42c7b60
.springserve.com/	1970-01-20 15:10:32	Name: sst Value: 1693812954341
.tremorhub.com/	1970-01-20 23:16:09	Name: tvid Value: bb48b1f5750648eca4641ce1411b1944
.cxense.com/	1970-01-20 23:15:48	Name: gckp Value: 1da61mx1pzfyq3n756n67bl6oa
.globo.com/	1970-01-20 23:59:00	Name: cX_G Value: cx%3A1pj185ki9h6312j1dzjazcxn5a%3A2pi637v3socpq
.tremorhub.com/	1970-01-20 14:30:13	Name: tvrg_61061 Value: 1,1693812954
.ads.stickyadstv.com/	1970-01-20 15:13:24	Name: UID Value: e7159bf5a3f58b18bdd5ac4325c9c151
.pubmatic.com/	1970-01-20 23:15:48	Name: KADUSERCOOKIE Value: 15D3647D-BF39-4C17-BA6A-452D2700178D
.pubmatic.com/	1970-01-20 16:39:48	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 14:31:39	Name: pi Value: 156498:2
.pubmatic.com/	1970-01-20 16:39:48	Name: DPSync3 Value: 1694995200%3A201_245_226%7C1693872000%3A248
.pubmatic.com/	1970-01-20 16:39:48	Name: SyncRTB3 Value: 1694995200%3A13_54_247_220_71_8_3_21%7C1694390400%3A223%7C1694649600%3A63
.quantserve.com/	1970-01-20 16:39:48	Name: d Value: EIYBCwHvKfijAA
.adnxs.com/	1970-01-20 16:39:48	Name: uuid2 Value: 7147641075961760124
.ambientdsp.com/	1970-01-20 14:31:39	Name: _aGeoIp Value: SG-Singapore
.ambientdsp.com/	1970-01-21 00:06:12	Name: _aUID Value: 11gap694bzwu
.pubmatic.com/	1970-01-20 16:39:48	Name: KRTBCOOKIE_57 Value: 22776-7147641075961760124&KRTB&23339-7147641075961760124
.pubmatic.com/	1970-01-20 15:13:24	Name: KRTBCOOKIE_1290 Value: 23368-11gap694bzwu
.pubmatic.com/	1970-01-20 16:39:48	Name: KRTBCOOKIE_377 Value: 6810-63abc881-6622-4257-b82d-9cf12807b118&KRTB&22918-63abc881-6622-4257-b82d-9cf12807b118&KRTB&23031-63abc881-6622-4257-b82d-9cf12807b118
.pubmatic.com/	1970-01-20 16:39:48	Name: KRTBCOOKIE_153 Value: 1923-ZusSrmjnEKx9u0SrMudZqzS6Qqp9603_ZO5IVSLT&KRTB&19420-ZusSrmjnEKx9u0SrMudZqzS6Qqp9603_ZO5IVSLT&KRTB&22979-ZusSrmjnEKx9u0SrMudZqzS6Qqp9603_ZO5IVSLT&KRTB&23403-ZusSrmjnEKx9u0SrMudZqzS6Qqp9603_ZO5IVSLT
.analytics.yahoo.com/	1970-01-20 23:15:48	Name: IDSYNC Value: 18z8~2dq7
.yahoo.com/	1970-01-20 23:16:10	Name: A3 Value: d=AQABBNyI9WQCELRX5BjbXqyY7SCsKT93pGYFEgEBAQHa9mT_ZK9E8HgB_eMAAA&S=AQAAAgD1ej_9wvICmDC3tZPEd7s
.pubmatic.com/	1970-01-20 16:39:48	Name: KRTBCOOKIE_80 Value: 22987-CAESEK_qGisUA51NlyRqaYtX8XU&KRTB&23025-CAESEK_qGisUA51NlyRqaYtX8XU&KRTB&23386-CAESEK_qGisUA51NlyRqaYtX8XU
.tapad.com/	1970-01-20 15:56:36	Name: TapAd_TS Value: 1693812956759
.tapad.com/	1970-01-20 15:56:36	Name: TapAd_DID Value: 856cd62a-cc5e-4c78-bb91-4f8524c0cd57
.aralego.com/	1970-01-20 22:45:58	Name: sspid Value: dc7c5309-b517-3cb7-a9d6-60853798150e
.adsrvr.org/	1970-01-20 23:17:15	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwjehoPA88iWPBAFEhQKBXRhcGFkEgsI_KKgwfPIljwQBRgBIAEoAjILCPyao-6JyZY8EAU4AVoFdGFwYWRgAg..
.tapad.com/	1970-01-20 15:56:36	Name: TapAd_3WAY_SYNCS Value: 1!5935
.pubmatic.com/	1970-01-20 16:39:48	Name: KRTBCOOKIE_466 Value: 16530-528fc541-7a21-468e-865f-9e23c888f546
.pubmatic.com/	1970-01-20 16:39:48	Name: PUBMDCID Value: 4
.pubmatic.com/	1970-01-20 16:39:48	Name: pp Value: 156498
.pubmatic.com/	1970-01-20 14:31:39	Name: PMDTSHR Value: cat:
.simpli.fi/	1970-01-20 23:17:15	Name: suid Value: 31EF1852B459412FA28E95F3DF011E40
.pubmatic.com/	1970-01-20 15:13:24	Name: KRTBCOOKIE_148 Value: 19421-uid:31EF1852B459412FA28E95F3DF011E40&KRTB&23486-uid:31EF1852B459412FA28E95F3DF011E40&KRTB&23489-uid:31EF1852B459412FA28E95F3DF011E40
.pubmatic.com/	1970-01-20 15:13:24	Name: PugT Value: 1693812955
.pubmatic.com/	1970-01-20 15:13:24	Name: SPugT Value: 1693812958

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml(Line 475) Message: Error: <svg> attribute width: Unexpected end of attribute. Expected length, "".
rendering	error	URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml(Line 475) Message: Error: <svg> attribute height: Unexpected end of attribute. Expected length, "".
rendering	error	URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml(Line 475) Message: Error: <rect> attribute width: Unexpected end of attribute. Expected length, "".
rendering	error	URL: https://gq.globo.com/tecnologia/noticia/2023/08/brecha-site-acompanhantes-fatal-model-informacoes-pessoais.ghtml(Line 475) Message: Error: <rect> attribute height: Unexpected end of attribute. Expected length, "".
network	error	URL: https://horizon-track.globo.com/event/gq Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://buy.tinypass.com/checkout/template/style.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://buy.tinypass.com/checkout/template/style.css Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null&_bee_ppp=1 Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://ads.stickyadstv.com/user-registering?userId=AAH-xE7J6xIAACZMnHlPOA&dataProviderId=817&gdpr=0 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://horizon-track.globo.com/event/gq Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://vpaid.vidoomy.com/player/latest/vidoomy-player.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
4cywq-eqnre.ads.tremorhub.com
a.tribalfusion.com
a.vidoomy.com
aax-eu.amazon-adsystem.com
ad.doubleclick.net
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.rubiconproject.com
ads.stickyadstv.com
ads.vidoomy.com
adx.adform.net
ampcid.google.com
ampcid.google.com.sg
api.permutive.com
audio4.audima.co
aws.vidoomy.com
barra.globo.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
buy.tinypass.com
c1.adform.net
c2.piano.io
cdn-ima.33across.com
cdn.ampproject.org
cdn.cxense.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.navdmp.com
cdn.permutive.com
cdn.stickyadstv.com
cdn.taboola.com
cdn.tinypass.com
cdnjs.cloudflare.com
cds.taboola.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
cocoon.globo.com
comcluster.cxense.com
core.iprom.net
cr-p3.ladsp.com
csync.loopme.me
d39f98ec-9259-4f8b-896d-7ab58be1f900.edge.permutive.app
d39f98ec-9259-4f8b-896d-7ab58be1f900.prmutv.co
dc6b241228a425d8dce77511b744b85e.safeframe.googlesyndication.com
dis.criteo.com
dps.jp.cinarra.com
eb2.3lift.com
eus.rubiconproject.com
experience.tinypass.com
fonts.googleapis.com
fonts.gstatic.com
gadasource.storage.googleapis.com
globo-ab.globo.com
globo-mab.globo.com
gocm.c.appier.net
google-bidout-d.openx.net
gq.globo.com
gum.criteo.com
horizon-schemas.globo.com
horizon-track.globo.com
horizon.globo.com
ib.adnxs.com
id.cxense.com
id.globo.com
id5-sync.com
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
imprsgmp.taboola.com
inv-nets.admixer.net
invstatic101.creativecdn.com
ipac.ctnsnet.com
ivccf.ivcbrasil.org.br
jp-u.openx.net
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
optimized-by.rubiconproject.com
p.glbimg.com
p1cluster.cxense.com
pippio.com
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm-widget.taboola.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s.glbimg.com
s.seedtag.com
s2-gq.glbimg.com
s3.glbimg.com
sb.scorecardresearch.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
sg-match.taboola.com
sg-trc-events.taboola.com
sg-vid-events.taboola.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
st.pubmatic.com
static.criteo.net
static.infoglobo.com.br
stats.g.doubleclick.net
sync-dsp.ad-m.asia
sync-t1.taboola.com
sync-tm.everesttech.net
sync.aralego.com
sync.crwdcntrl.net
sync.srv.stackadapt.com
sync.taboola.com
t.adx.opera.com
t.seedtag.com
tag.navdmp.com
tags.crwdcntrl.net
tags.t.tailtarget.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trace.popin.cc
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usergate.globo.com
usr.navdmp.com
vid-io-cle.springserve.com
vid-io-dub.springserve.com
vid-io-iad.springserve.com
vid.pubmatic.com
vid.springserve.com
vidoomy-d.openx.net
vidstat.taboola.com
vpaid.pubmatic.com
vpaid.springserve.com
vpaid.vidoomy.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.npttech.com
x.bidswitch.net
a.tribalfusion.com
ads.stickyadstv.com
cm.adgrx.com
core.iprom.net
csync.loopme.me
dps.jp.cinarra.com
globo-mab.globo.com
match.deepintent.com
pippio.com
pubmatic-match.dotomi.com
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.srv.stackadapt.com
t.adx.opera.com
uipglob.semasio.net
103.43.90.179
104.16.112.121
104.19.150.54
124.146.215.46
13.228.234.186
13.250.188.75
139.162.40.113
141.226.224.32
141.226.229.48
147.75.95.77
151.101.1.44
151.101.193.44
162.19.138.116
172.64.152.89
18.138.108.233
18.138.18.111
18.138.97.44
18.142.88.219
18.143.106.89
18.197.253.159
182.161.73.136
182.161.73.146
185.84.60.21
186.192.81.117
186.192.90.3
186.192.91.5
186.192.91.9
2001:df2:a300:bbbb::135
201.7.177.252
207.65.33.76
207.65.33.84
209.191.163.210
209.58.168.56
212.36.83.246
23.106.127.164
23.106.127.39
23.108.103.8
23.200.148.244
23.36.254.89
23.76.212.194
2404:6800:4003:c00::9d
2404:6800:4003:c01::9d
2404:6800:4003:c02::61
2404:6800:4003:c03::5f
2404:6800:4003:c03::63
2404:6800:4003:c03::84
2404:6800:4003:c03::8b
2404:6800:4003:c03::9d
2404:6800:4003:c04::5f
2404:6800:4003:c05::84
2404:6800:4003:c0f::64
2404:6800:4003:c0f::8a
2404:6800:4003:c1a::84
2404:6800:4003:c1a::cf
2404:6800:4003:c1c::5e
2406:2600:7:100::1
2406:2600:7:100::9
2406:da18:929:5a00:deb2:8da2:9e0e:3934
2406:da18:9ea:6f16:8c2c:996a:e419:ba1e
2600:1417:3f::1732:e8ce
2600:1417:3f:bbd::268b
2600:1f14:c96:cd00:31d1:394f:8c7a:d327
2600:9000:2175:7a00:6:44e3:f8c0:93a1
2600:9000:23d0:f400:15:6f6c:b180:93a1
2606:4700:10::ac43:266a
2606:4700:3032::6815:1d69
2606:4700:4400::6812:29aa
2606:4700::6810:ef3
2606:4700::6811:190e
2606:4700::6811:c276
2606:4700::6812:b07e
2606:4700::6812:dff8
2606:4700:e2::ac40:8f26
2620:116:800e:21:a878:7c6e:cf7b:3362
2620:1ec:21::14
2a02:6ea0:d100::13
2a04:4e42:400::485
3.126.166.0
3.160.188.50
3.19.54.139
34.102.146.192
34.102.253.54
34.107.254.252
34.110.201.227
34.111.113.62
34.120.107.143
34.149.50.64
34.151.224.123
34.210.191.15
34.95.229.88
34.96.70.87
34.98.64.218
35.186.154.107
35.186.193.173
35.198.44.170
35.201.123.184
35.208.249.213
35.211.79.33
35.213.12.39
35.213.89.133
35.230.38.116
35.241.9.51
35.244.153.86
35.244.159.8
35.71.178.8
37.157.2.234
42.99.140.208
44.210.174.132
52.17.186.143
52.223.40.198
52.27.26.215
52.46.128.147
52.94.222.140
54.148.231.196
54.158.55.205
54.192.111.34
54.230.112.53
54.248.182.252
54.93.143.127
64.233.170.156
67.199.150.81
67.199.150.85
67.199.150.86
67.199.150.94
69.173.158.64
74.125.24.148
74.214.196.131
8.43.72.98
82.145.213.8
00306ed1a76f9baacca87d4b61310bd37f23399c65fb3e8a0636a9373ac72a51
01e8674c0842de3c129db7f8a328f9660b0a450c685860b0af45683fde348a32
0348978a435efe42a3f0032226082bc4aedb9c569a9f387e8843a468c455c189
0349d05bbde38108259c26c6a765b63ec5484f62db90ef513da5378cdf835a60
03bd05cfb6d0789c54678927cfbd8d3ab3c9b721cee69b3dec80dc9c521149dc
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
09297072c7827d311cfb9199dc4a055ad04f737857954c567957d67f13512a47
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e1b203cc72c4022571c759d7f39e0a2252f2c02b856b9e41ca757ffecc48793
0f542b3b98cad1981a4429a7fca302c9ac09632ae83ff3419ed8ea8ccf3b9295
10c0057cc47dd75aad5f076c542c1ff1958be361e16f6b33fda2b98cd36a054e
1168c8abfe02845289bb55fd1091f344ddc7b63f7d4c5e95c895b72b4bca982d
11ddaa56734f2d28feadcb817490ce7eea38371fc6b70d15d01f8a5b5dd3190f
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
171a128c043d930abdd29b98c54e26baa4c852db3404d78b948fe0ff948a4a19
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
188ad1f5f1635b83df77cd27805c09bf37ec353c01f8bd731c8624612f28f353
1b2a737d4607b99a0b4cf13c7758aa11fdfc80b4e86b79b7b6a66ab692ca478e
1b7c29abdfb5a7ab3c95922a9be76c1d6e276d13c0d24d06731b6d4908f0fdad
1c28a454e868aaaea5b4d03ecf9355cf8d3bec3ae3d712e08b3c2449c511808c
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1dc118c68570ac106df5c43e5588c5b94d18caf4aa9e4d8d52792037cc16b980
1eb0c17ae4d8ff4f57688bf3250c57c6857252b4cf41a1dd0fa01c0597c43f45
216c8994eeb343b3588f234794df0cca8958d6c72b01b510b4156bc2d03a3840
22428fb49c21949ab10e6e9dff58fa10edaa9683bd6d0efbb9282c3cdd5583b9
235797af92cf2063b6a8569d12511653473b02336b84213d35a481cc8c5579c9
2394d12e4577671d6d8a98826b3712c6c321b2d3fdc67d335ee329415631cebb
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2a0f282208d7449401593cb7d39d1d5101310844b49a8e8622acdd7052f6ad6c
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2c5119771775c9659600bd1bd5910143cd16bfa92268a52087e46fb8642f0725
2cf68b0f96497a6c432653e7b0ab42cb383f804f6bff63ecc7e38b2244b18d7b
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2faeb72dc6c6dd034ad0fe3a1326105213eb42cc9fdde9560f645ee2dd1c4c2c
2fba4b98ccf67203f312371d0f0e4bbab645ccaea30d9cc90a80f0daefe1bfa5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
3211f0105eedb5873f087c4d715050124d6891cd2746f9e28b78759a80a818ca
32614df45b4c2d2357982f5cdf04a4fbec898e6b997479a954c2ab5fe05dc30c
3264f08febfa6c7ec9954cf2698381e52403f77df60d81f9692946cb19b1f347
344a3f20ef266859578f11065f8834b44db13f7df3b2b4c66533c16241f22be5
359e946a6cfa0adc4343b78a4d521d2b7eec07e0d9c2c6f2f99a0f985589907b
362d26569e4ce1a6a529a7437be6f359b155de2ae2a0e6d575c070d08375feb5
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
384bc9d733726a49e18885c96e91d708d0209c4cce974fce6f20a55615252cff
38c2da47101d601fc032750c97d8009c62e5d84606fbdb57709a0424c1b11d34
39071142a3241a4893fcf57fbc949362ced12aa74326a9224142bbcb6c8fc773
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
3945a98e43cd2167bfa9e8385ffa54335b9a393fa66af78f9b9deba11bd87470
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3aae61f075cc64d2d2a1918694af9db5df06c7a638c6162f5840c5618f59bd03
3bef95cee00ad81036f449f425e56247e368fb1c6c2c72848ca2d1eda2172ca5
3c20914598c73335f8ee2f206fa1518982b6a036d392881a3f18701a1f7576ee
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ef04f2dcc40da8bb147890b9aad96226424b5fbf884b5eae0d1e1c64654f5ca
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
404e669274ccd79a0b7f0b4128c3828ce995f2ff7ab66b1e1ae6027a2f2bf61b
40e4951dffea740356de1c800b47ff35a1fac0756b592a4ff5ea9a316b0119b9
41d5ae0ea40a5cd3c07dc9fadbfea4465b63666ffea46cfb9435d651d0cf68a0
41fd4ed5ad93e39cd84d043e905e66e3bbb9dbb50cf2d7bbf68bfeef79f3d3cc
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
4378556aebb978453bc3e1fad54835a5b4721bed1c30af45ec936fc402befb08
44525360034bd6482d92040efda9258e2389b623d79789a36f2605b5967b9978
44761428f9b21598d8ad84cd4221a869c60c7aba02dd2b2e125c858578ef7b66
44ea66fbddd5116848cc54810efdbf4c6bed99fc108e3c625e7c2f186dd1db27
44f7894a7e93437f545cf63f33553f5f854416c2154b861be597d8ea051ccf13
4519a12c51938d44b6fb70c1c57f26ae4ba71628d07c9642703a7eda5276307e
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf
4612d7cea0985e7d449aa446530006bb4c91acfd4b2703de36651c54027817a1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
480627cc3006d6707a2ab75bb8eaf6b9c0624630be65a2c1e03f5a617c8388b3
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49ae4221940b79ee7bdd9e66294ab086070b15e1fdf913b9379693776ef52ba2
4a798741ab5d1da30eb26d38311b6249de94034ccc610268901ef633098ad3e3
4ad12268da77c77a50ec33f5771a9ef64d33d53335c03a23b3d459be4544b5c2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5a8df78e43e83e6ca4b7af38833a508483d29e3c5332b7dc19a0ac9b27c692
4e6a96a5c44280be459bea9abf1ffdcac5152092503f964b4ef07386c06de81d
4f5d79540978df0d93658495e129ab30baa893e784b85934b131d5297448d459
5149c980f56d9eae4887f58e4ef6bb1eef5d857e7630cba469bb2e0d39a6b187
5389235844652c26c9b47aaa1279803970c136f636055048e0044b8dcb48efe9
54232b45184e7e23d9fc8f12171e5b1d5db43950b77dee4c19cebecd42d029e4
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
544c8c97443433f68347f6edcc349597bd02e599fda8d47f38c4959d8be39b8a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549d46480adbf964058610eba1cd8d4ff39c438abf620d4e1482a26c4ff76ecf
54c22dc40c91a025fe9c373dc87b01f334d7de7fcd93f5c8be7ab77233261cf2
54c8caf6db6a934dc4e8f659b245989e2c6ad17350e30afd506164c9773ba36d
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0
56a6716bb64bde5c15bdac3991adb587a4234cad6312d35a7fa39ac52a8de7a3
58400f286cb32926e3f78f1fb863b4cee960ee6d2e17bbfa1d91ae6e7d1a9c18
58698b1df5111adb5795526207eb207d993513cf68a9ed94a0507bc7c6958f98
5b33d89b63f0526bc3d87febe6fa085f09521427e58faf605413b50635872ac1
5cdfd76c7fbabcb9a4b57635c7dcacd7c878b9c5f0ecd60a61e4fe42323b6e3b
5ce601e7b4578b3d9889b9f789f0b30ac12eeebb7fc209f5ee61c2a272e89950
5eaa5435c5bea7548dc34969e0115b4b3466618be96c167f030f13a0ae57f90b
60726c256b18851be3a284f3796687d43bc5e9062ba17a41da5da322267c89a2
60935316e139d9604c7afdf3dc68f6159b6d97a12798a5bf309ebe4173c0a626
60b0f8f7a630b8cf83d4c29ddd3e6e614b119208fe97a96cae6dc6311541671b
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
62023892994a076b2eca66194011febfcc294b8cd41084bd243bd97492f1c365
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
63d3cf69c15b7cd3c920edebf2a07ab8b8f8f968aa1d13bb2164e516c5fdaa0b
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
650db7f0fec1fedc718d5b11fac9d32724a82154473e12493bf8986c3cfbb061
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6825bcb275188299e395fa59c964cb0ee5a70f7f6f08cfca7967ae0652346f54
68a4909c6b8a33d5355c1ef06ee9caff0286db5252efedcf509859a82cdc5463
6a0581fe6f48fa98de44bb78ffcc63cf71130a7a6352ce1a44ecfd48c5375e6a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c60ada28445e7586a769a2d8b030b422212a008044952eb0ab34297de7c65cf
6d0b2dd6a286dbb2738912806a31ea3ab9f7e956cae9e7c8f36d87c4239100b2
6dcc223e45eab6e42437ce26ac3fa2779937555988c1d63f5c345542e195a8e4
6df215b9a2f1b4f5e10092923bb034bd581f40596071bfba89f3168e204d031d
6f7b1b54c22724cc22a0a1770ea37a5bccb8564c2bfea871fbb6e726de85ddb0
6fc8c519813ae69ffb5c95d87821ffbc940db1a1a2070bdbfed21d0e53fc4991
70c801797ddb968471bf75da87a5f98f38301acf3fb86b093b1379acc919ac49
71c61f2dfa7f304323163478fe9e1bc1cfe3910382a43142b55f61be5af8c670
72e60b6eb3be9d5d931fdeb84475759aa558145f9a848f1804423f5b1e611ecc
7306593c4758a9cf5682ca5e78c6a9d87e299f2a817e5284fb210432c8b95659
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7
7409ac422e620496ba8c1b9f9a5f786aaf9f8c1c698b3cf3f97f5667a603a14d
740a8b09cd975645126867407e5fe191e2c777b5bcadf5a5d1e0a375c9ce398d
76e9616ad8742d347b042af297f16b971caeca721dd09e79fa2ad81e09e1572c
775807392af29b7a91f1217ab6ed717ba35baaa024bdccc9273321f54ab51bb4
789ce7e79e93307b20feb98fd7c5eaab420173801fe551cd015e301d9e1550fd
78c32e785fc603b0fd073b767f87e410f3db2e4afcd814455eb08ab44e6b4a98
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7f1e7751de7211682870afa390d8383cddbf7845eb9d83b700752bc26602a782
8240ed3dcaf1c1611795f87d16760e0b4b31dee02f7d20532b833fe18c4409c7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8774018c1144b86e36ee08be52ead31829085c7f81669101e728e6d3edc9b18b
877c319b8a36e65249be764ce80ef3891edd45848ba3627b95c7499feb0be48d
882ff7936c470295eb10d1483cafddfe87d7a790be68aa8078b8785079ffb655
88a7bc934b7e2796c50114637a0bf36f19244e0cf4e4b70f71db3e878bd15fd0
88f76a04c831251527558db21a76b7b4cb1eee3592fc77318ea17f8f5b57e412
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c591e4c4423edcd4c23f7f740a928eb4d3f8cfb4d72d1758e0255d584b74fb9
8e1abad13842cfce1f10ec038a49780b0c8889d90f314fd084e946536e043f1c
91146956a08681b891390728895476570291f47d291a590bee602890ad93d0ba
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
91a8e177e6acd450d41daa32eacee2b3acb9740f762f266d5974dd8211c34a28
93f45bd0df53776d65c03af696f72e8857a3049863b07852ba2998ecce3160a3
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
956bd91287fd5d85b711fd51418e53c6eeb3536134044ce39f67fb20938e160c
958a1068ac6f988010621fb24c6b974fd7064b351cc579c678c1acf0fbd7047f
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
991a381656f42dde3845dbda5248792ed6fcf745f8b4fac111d5fff8c44dad98
992e92eb777e645063c2ef4c7a396e5cd6557ac08e33fe3ec15c5bccdd721e1a
99e55638caa101f99a3bc20334cc9f3a2c122c93c87929857f883df2451edd2b
9bf3ec6451a3608f81a88558bccdcaaabf147ceea632f00d3943f1964e1e551d
9d3de624985e9ecec23ccb312f760351cebeca23bee5682b4b506c02427178fe
9f07eb1d3485dabe204a944ab51fd4d7b4f2247c58f170714cfb40ff118af06e
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a303bdbfce6897ec74ce030b85480f417f9e17804f7a19b8f2a90feff115b94f
a320b9fe035021f1d061a23eff171211b8e0da1bf79a11c36e9fccfe85ce685c
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a3d802214cdaf6276aa13b5b161820bbc80660cf9429124233334b07a2d7978e
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a51690a59260fd30a04d20955e8e5432f7f05f90c13f04c953789d67548a66b8
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5471d394e2b47b6aceb8d55414db8f4e4a8ca6a5a75a93fd06687d742ffc106
a5fb71968c62c1e84aebf36c57c13a32cd43d2962a231708a5b0f8a1273d95ab
a68143f3da73f6c1fa44f41c63d9838c830753ea5f0253b3dc983d8e4fba2921
a6d1e9b2162b5b088943376a26a39da5be39d85ed9ea15fa62768b0aa5096877
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a80eae4454fa66280866a7243d2ea51e927c41af8ba045ade41a03f64d1180fa
a9dbff076b37bfae29e95c8163528884ad70173acc4f129edeb40ead09ee3af1
ac121a04ee29cdc5c52c004c59aec3d9e06d82148568c810e15d192fd652623c
b0018456a1767ac34c964706ef617e2fc539d3f19924a4492670aaf26470318e
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b058b5c13c357bc541d105899d43e1f2e0786a81b6650c2127dbd669e9fa4e70
b0b6da5eebb0023cddb0d5fa35708f6f44bd8e3661da0ea0dfa79b00f3e9229f
b0d81e328de9e645b6a36c42324259bfe07cdce8cbfc0fd7e4ee442a848034b3
b0ff3a87ab5596d023e515fc8518e47e5149070dbd32a45b2ce9aba3e2cae7f0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b278d0707c7c9936278e7d2063074ca97ccd8d0350b2b921387bcd295ba2a7ba
b38a557c76e0f42026c5a9ebbd48a48b46366b8ac11fc020219b8591c493f3f9
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b506a750f54f579dad6bbcf6f0394df6f61f01ce3423cf4b4e99f84cefbbbfbb
b61bf93d50349432fb3b57e3c151d695f7db2a8ee95f50089ccf0e13ebd77c42
b62f7ab74f74b11d1d344162e1184473870e4e1d4a02fa94dd189deae310d6fb
b74e7c9dbf57703b7b6bde0f9ef962837d00c74dfd9c5560e88ba61ea47a456b
b81ad1210bf4276e2651563c487f1116410f97232fcf37a85c09dffa25edda2e
b8b076272071919317015839086514ea77ec90a3a30b7d9b587b4765576e965f
b9f6160b7ea7d0645d6201d24919b7289061f8d021e3c245ad5dd7b00ec66ff2
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb396c659a45cda460f579b753cf3a53f83eb8198bd344af0a2e2d9030ef910f
bb83da6a830491ce17a79a0553a6b39c6c9b50a74292751f38d9c2050ed50d82
bc2c90a5d930389c9e3f9932904bf42c135e876a072fc08d023544ba7f539186
bcad25958833892d087f72b8d597508f4105d683ebc64756115450ee84585abc
bd9635157199fa498f7eb63cc4416bc833b8bf2295378a1089274d64cac05346
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
bf3e4ceb9fbf3c083000e1e9ae238b37b4009c9fa4513e646c0fc9e042ecae16
c076ccfc483015d469eb6782603ea15a8d0d4e4da66c237698ece246b6c3183c
c1159dac7b66b9878bbda053511381f27a651b7b8e955b15c043d3145f14feb2
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c216fe06fcee708fe34a324ea5622f6315dca2ca21ad47dfa38c33c19f4d4cba
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c33e4bdc3308820980d94536d79f4101b9b1783bd7968c314b4239164fd024f9
c637bc70cc671cda4cc4885f7b5f53537f9ded298f7ddcb6a784ca244606f0ea
c6dc0f5dee2a67da2df69cadfd63e71250d0112515dc45213917f6ae66293b25
c7a60bd71e8c8ae0540b1256b0226fdf89d6ee43e372a8c2955979a7e012af8d
c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc64f649adfa3906a1b2067dcb6eba81b1b28c474cb1376ffd3d0ab9e6c71842
cc75a88627a2cdb49e6667a5f45758f17c0ef8bdbe028c72aadff5b2b5255a9d
d01b2cf5b15e8ea0ef57c0ccc66a390b354d8dbc11410035fb73eb12ab3ee514
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d06c733ba42b81cd66c7fcaabc75b51c59292cdbccdcfb6a88bf2b57d262047b
d0e2b280e2321b8ac40e2524734d3137c3aa118f95390c057f5491e0c4be48e9
d0ed72592b45c24786079cb8ea2bd31df82aa16cc3a15fc3784e0d52d5606678
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d3decc75ba01ec53d1204eee13646967c5ec5ae009d0172ff3a06d38e0c8ef44
d4d44b0aedd2ede33717345624039038de5230e1bdabce04b46386c70764271a
d580ca5afc1def28b3404481cc6d90adf721ad10fb1947c88e4d9edddddfb32e
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
da417b10878ef530228ad8bf0950fbb2cb5471a51aea7491d508af71ba394f09
da5ff741ae5ee748ffd67c75fe2c64b981cb6330814b6239f80012a3b3d01309
daa088cdfbd2777ad43e4fdcd58fe03355d1e20d1f474e2c57c529c5329740b4
dabe40043cf1d77cd46fe459fef8ee265b629092db8f8fbf53d5bc8bd0d1dc90
de27fa38bb1628eabeb3a156b37b6ba28179703fe995aa7c01f7ff1924bdf006
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea42e0f179347a75dd9fa41636bd1fa1ae92397bcde89a1389eeb8c0ace0fca
e0820a07e64f387b7ec526ac89a5556fb35fa95984a7144b242d482fdadf4052
e1acaf1b84c7c6a5a7ae96e4b9cce92c540c0c8ebbb0e56f8ff473917e2e9a72
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e28bc60992e5f126a2343cfaac591284be33200ca85754fab71e1fda5ce6e024
e34949d51114d9e8d6d04ffaf480d2aecc5bf938b184ed034fee5b5840be1004
e388b4953e682ffd744b7b23a8a59007339b0666518ab3f5dc92d8385d7be56a
e3aab29c60242d216955b101a20e3782f3617eb3a3f819b05ddc458152bf2af7
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f422ae8bc9e4874e20a1d051cc2cde9a2e2f0e84d8a4ef84a82d90b3b5cc79
e53b5588b78b083f303fdf57b94670372449ea228bda092fb90c63729122843f
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e8bf9ccc765b5576c8b86e1f75a308e112cea4c1ead476dcf94720d10fa6fb0d
e95320e2f3a7ed8d307c3730eab9e1072e89a95e19bc48bc412c8dd91f307411
ed35a0a7b8306363784ea4f49b7146c7528dc082dc9571b4223544edf7dbbe27
ee420260003225904493fd72eedfca3cf01fe5dda107b16e70e18eed368d3a55
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00a0f3b8814587f42cb27f519ab69658ca7b3d3b63ecf9f566c3c1efdd3994d
f2275b2e26fa84aa5b18508ae277e22dcb9e7ac2368409371587e1402fe63ae9
f2a6141c4821c70b4cfc843263b84bf42373dfdf99b671fd77c44fc0a0154773
f348c661e980bdadcb9312dcdff1359a4465048061bf224090d75f1a6eaeaa7e
f3de46bf8b430f4547d5bd790c59d895f6be21f82807552ee2a3a12a258925ca
f40f5aae5f579b100046297556b20241064b7df6f453768a2c45448b99faf40d
f4ae5a40833ca40f1ded2c820915ccc073b509a5a15810de1566ebf1ee4838e4
f50947985c34238f2ffc1dd18026d8f434e7a63e8eb3f75822778218c940ac0c
f5c5ce0c7f81e6f7447846a35812ab5ec04121d3a8be95ae73a0b59e40b9665e
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6b20999bd2a94f2129771aea3c4d9d2098c882633a1e08a14d6b8f9ef49b5ee
f84ea58f017b150e18a4d6be42baa500dec5c56cc6d9749fe6f7bf6ea4b56621
f8ec0b36e70cded8f6a4e33959341e2ae887aa802a6c9a59ab692f6cd3012f40
f9a1fc72c717b4f857dc43024da35c73c329c89ef056dc55c0d24ab607dff5da
f9a8536bd32bcd9ecba5f08463ea344cfbcf4a2e0c1af51ce14089dcd4dbac51
fb0e6e3e60e186538f4ef71b7d9f2d27b1a68be0f4482b568134c3eb6e431787
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb9e476da853bda9fa998c8774214971e88fff36cb7b0ada6a8accbdd022b7e3
fcc64316c5f3a1f5a4adb8183f9bdb4cf1c1e95713781e63c9ae243877f62128
fd4578fd06ef073a255a3725ccd51ad3b356d29ce4b2e3dc536747a3c149d2cd
fddc395c4c2acfbafa362ee5b9d932440a65f7c787fb13e6fab92b107305a218
ff04a1ee8902884e0cddedccd35fe23d7af5568e36b8e666de6b170a16651915

gq.globo.com Open in urlscan Pro 201.7.177.252 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

466 Requests

83 %HTTPS

29 %IPv6

89 Domains

167 Subdomains

109 IPs

9 Countries

7082 kBTransfer

20971 kBSize

105 Cookies

11 Outgoing links

Redirected requests

466 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gq.globo.com Open in urlscan Pro
201.7.177.252 Public Scan

Screenshot
Live screenshot

Full Image

466
Requests

83 %
HTTPS

29 %
IPv6

89
Domains

167
Subdomains

109
IPs

9
Countries

7082 kB
Transfer

20971 kB
Size

105
Cookies

466 HTTP transactions
15 data transactions