pt.quizur.com Open in urlscan Pro
2606:4700:20::681a:2d8 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pt.quizur.com/
Submission: On July 22 via api (July 22nd 2023, 7:09:16 pm UTC) from US — Scanned from DE

Summary HTTP 173 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 45 IPs in 10 countries across 36 domains to perform 173 HTTP transactions. The main IP is 2606:4700:20::681a:2d8, located in United States and belongs to CLOUDFLARENET, US. The main domain is pt.quizur.com.
TLS certificate: Issued by GTS CA 1P5 on June 15th 2023. Valid for: 3 months.

This is the only time pt.quizur.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2606:4700:20:... 2606:4700:20::681a:2d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:244... 2600:9000:244f:6e00:6:9eb2:5cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
20	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	23.38.98.27 23.38.98.27	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	20.119.174.243 20.119.174.243	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2600:9000:211... 2600:9000:2117:7600:6:5b96:3f00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223d:3e00:1:aa11:940:93a1	16509 (AMAZON-02) (AMAZON-02)
3	23.218.209.56 23.218.209.56	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 2	34.254.206.221 34.254.206.221	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:18f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.18.131.145 104.18.131.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.91.28 99.86.91.28	16509 (AMAZON-02) (AMAZON-02)
3 10	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
2	23.212.89.35 23.212.89.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	108.177.15.156 108.177.15.156	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223f:a400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2600:1f13:800... 2600:1f13:800:7781:b8a7:774b:340b:2fe2	16509 (AMAZON-02) (AMAZON-02)
3	34.149.50.64 34.149.50.64	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
3	35.201.123.184 35.201.123.184	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 4	52.222.169.99 52.222.169.99	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:9f1d:de60:1b9f:c4d1	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	216.52.2.16 216.52.2.16	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	2600:9000:205... 2600:9000:2057:5600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	2600:9000:223... 2600:9000:223c:4800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c09::9a	15169 (GOOGLE) (GOOGLE)
1	2804:49c:3101... 2804:49c:3101:401:ffff:ffff:ffff:52	15201 (Universo ...) (Universo Online S.A.)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
173	45

15 2606:4700:20::681a:2d8 (United States)

ASN13335 (CLOUDFLARENET, US)

pt.quizur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.quizur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:244f:6e00:6:9eb2:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.38.98.27 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-27.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.119.174.243 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

r.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2117:7600:6:5b96:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:3e00:1:aa11:940:93a1 (United States)

ASN16509 (AMAZON-02, US)

me.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.218.209.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-56.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.206.221 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-206-221.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:18f6 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
call.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.131.145 (None, )

ASN13335 (CLOUDFLARENET, US)

t.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.91.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-91-28.cdg50.r.cloudfront.net

cnt.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.52 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.212.89.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-89-35.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.177.15.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:a400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:1f13:800:7781:b8a7:774b:340b:2fe2 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com

s.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.169.99 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-169-99.cdg52.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:9f1d:de60:1b9f:c4d1 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.16 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:5600:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:4800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3101:401:ffff:ffff:ffff:52 (Brazil)

ASN15201 (Universo Online S.A., BR)

tracker.bt.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-12765-5.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 208 googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 cm.g.doubleclick.net — Cisco Umbrella Rank: 242 bid.g.doubleclick.net — Cisco Umbrella Rank: 743 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 354 stats.g.doubleclick.net — Cisco Umbrella Rank: 120	235 KB
25	googlesyndication.com a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 134 tpc.googlesyndication.com — Cisco Umbrella Rank: 153	135 KB
15	quizur.com pt.quizur.com img.quizur.com	1 MB
12	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 898 static.adsafeprotected.com — Cisco Umbrella Rank: 579 dt.adsafeprotected.com — Cisco Umbrella Rank: 564	106 KB
9	seedtag.com t.seedtag.com — Cisco Umbrella Rank: 11503 s.seedtag.com — Cisco Umbrella Rank: 4611	153 KB
8	tailtarget.com tags.t.tailtarget.com — Cisco Umbrella Rank: 68430 d.tailtarget.com — Cisco Umbrella Rank: 80465 tt-12765-5.seg.t.tailtarget.com — Cisco Umbrella Rank: 186203 b.t.tailtarget.com — Cisco Umbrella Rank: 61190 t.tailtarget.com — Cisco Umbrella Rank: 8335	25 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 955 r.clarity.ms — Cisco Umbrella Rank: 8931 c.clarity.ms — Cisco Umbrella Rank: 1556	28 KB
6	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 2709	1 KB
5	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 317	229 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	4 KB
5	teads.tv a.teads.tv — Cisco Umbrella Rank: 1460 sync.teads.tv — Cisco Umbrella Rank: 1361 t.teads.tv — Cisco Umbrella Rank: 2468	133 KB
5	jsuol.com.br tm.jsuol.com.br — Cisco Umbrella Rank: 79939 me.jsuol.com.br — Cisco Umbrella Rank: 96243	46 KB
4	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 154	3 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 59	42 KB
4	uol.com.br tm.uol.com.br — Cisco Umbrella Rank: 84209 tracker.bt.uol.com.br — Cisco Umbrella Rank: 91190	3 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	257 B
4	google.de www.google.de — Cisco Umbrella Rank: 5791	688 B
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 720	125 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 166	223 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	291 KB
3	cleverwebserver.com scripts.cleverwebserver.com — Cisco Umbrella Rank: 28201 ui.cleverwebserver.com — Cisco Umbrella Rank: 28913 call.cleverwebserver.com — Cisco Umbrella Rank: 29905	48 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	169 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 622	2 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 747	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 784	1 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1256 pixel.quantserve.com — Cisco Umbrella Rank: 960	10 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 221	743 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1167	1 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1396	576 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 806	440 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 607	363 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470	714 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3110	104 B
1	trvdp.com cnt.trvdp.com — Cisco Umbrella Rank: 30294	3 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1187	7 KB
173	36

	Domain	Requested by
16	pagead2.googlesyndication.com	a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com fw.adsafeprotected.com securepubads.g.doubleclick.net www.googletagservices.com
14	securepubads.g.doubleclick.net	pt.quizur.com securepubads.g.doubleclick.net www.googletagservices.com
10	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
9	dt.adsafeprotected.com	a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
9	img.quizur.com	pt.quizur.com
7	tpc.googlesyndication.com	a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
6	t.seedtag.com	securepubads.g.doubleclick.net t.seedtag.com
6	pt.quizur.com	pt.quizur.com static.cloudflareinsights.com
5	s0.2mdn.net	pt.quizur.com s0.2mdn.net a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.google.com	pt.quizur.com a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com tpc.googlesyndication.com
4	sb.scorecardresearch.com	1 redirects pt.quizur.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	www.google-analytics.com	me.jsuol.com.br www.google-analytics.com www.googletagmanager.com
4	www.facebook.com	connect.facebook.net pt.quizur.com
4	www.google.de	pt.quizur.com
4	analytics.tiktok.com	pt.quizur.com analytics.tiktok.com
4	connect.facebook.net	pt.quizur.com connect.facebook.net
4	www.googletagmanager.com	pt.quizur.com me.jsuol.com.br www.googletagmanager.com
4	tm.jsuol.com.br	pt.quizur.com tm.uol.com.br
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	s.seedtag.com	t.seedtag.com
3	www.googletagservices.com	securepubads.g.doubleclick.net a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
3	tm.uol.com.br	tm.jsuol.com.br pt.quizur.com
3	r.clarity.ms	www.clarity.ms
3	googleads.g.doubleclick.net	www.googletagmanager.com a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com pagead2.googlesyndication.com
3	www.clarity.ms	pt.quizur.com www.clarity.ms
2	b.t.tailtarget.com	d.tailtarget.com
2	tt-12765-5.seg.t.tailtarget.com	d.tailtarget.com
2	d.tailtarget.com	pt.quizur.com d.tailtarget.com
2	c.clarity.ms	1 redirects
2	googleads4.g.doubleclick.net	pt.quizur.com
2	sync.1rx.io	2 redirects
2	ap.lijit.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	t.teads.tv	pt.quizur.com
2	fw.adsafeprotected.com	1 redirects a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
2	a.teads.tv	securepubads.g.doubleclick.net a.teads.tv
2	a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	t.tailtarget.com
1	c.bing.com	1 redirects
1	tracker.bt.uol.com.br	pt.quizur.com
1	region1.analytics.google.com	www.googletagmanager.com
1	pixel.quantserve.com	pt.quizur.com
1	rules.quantcount.com	secure.quantserve.com
1	sync.targeting.unrulymedia.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	dis.criteo.com	a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	dclk-match.dotomi.com	a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
1	tags.t.tailtarget.com	t.seedtag.com
1	secure.quantserve.com	t.seedtag.com
1	static.adsafeprotected.com	a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
1	bid.g.doubleclick.net	a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
1	call.cleverwebserver.com	pt.quizur.com
1	ui.cleverwebserver.com	pt.quizur.com
1	sync.teads.tv	a.teads.tv
1	cnt.trvdp.com	securepubads.g.doubleclick.net
1	scripts.cleverwebserver.com	pt.quizur.com
1	me.jsuol.com.br	tm.jsuol.com.br
1	static.cloudflareinsights.com	pt.quizur.com
173	61

This site contains links to these domains. Also see Links.

Domain
www.instagram.com

Subject Issuer	Validity	Valid
quizur.com GTS CA 1P5	`2023-06-15` - `2023-09-13`	3 months	crt.sh
*.jsuol.com.br Amazon RSA 2048 M02	`2023-02-21` - `2023-10-01`	7 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-01` - `2023-07-30`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.uol.com.br Amazon RSA 2048 M01	`2023-07-06` - `2024-08-03`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
cleverwebserver.com Cloudflare Inc ECC CA-3	`2022-09-06` - `2023-09-05`	a year	crt.sh
*.trvdp.com Amazon RSA 2048 M01	`2023-02-22` - `2023-09-23`	7 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
*.seedtag.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-29` - `2024-04-15`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-09`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
uol.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-09-21` - `2023-09-21`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://pt.quizur.com/
Frame ID: 8A32398A9DB0BF4182E52319D29A63E5
Requests: 95 HTTP requests in this frame

Frame: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 60F848A16F20DDA09AE61250E294E7F3
Requests: 1 HTTP requests in this frame

Frame: https://tm.uol.com.br/mercurio.html
Frame ID: 591321CD906495D0A71172D5D3E4A519
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssY4GeOEar3Ps2vq4c3zWrAysBVcPzAPZedokNRDOMfLj29xioPw5r_T_WZ-QT-Uhw1E_svGElgwo6WjHn_C3YDHr5gfF1E5xJl4aYw8vj8pV9NiXSvZJ1w4jwACSh7SwxaV5F9ewHcMe1Af-s1FtDwQ7mI4NS8dIvTAvwzHahw0G5EHqjPAFNEb8DaEUQS-5gpb1vA8r7_yjsts5Y_mwEN__g6Fq3vSOYN4c7MnwLLACFd095Yj2yDgqzqYDx-CAc4FkUzCh4iajCes9nxKuI9mRI90KjNr8tfFzfXBcR0lQJ39TUQ7BXhgIQJxAQBXHfvx-iTVhCogMo&sai=AMfl-YT-S1hdicPsBL1IxHy38v27McJpMrDXePF2YTbgY7TrZCHnSYwR70UBbHQYNTP7-APfiJLfRdxhXfSG2UWzGLUZn3A9_T1_qOTvhLtFu_O_HL6F50uPFTFNbmBLGA&sig=Cg0ArKJSzLwNd5hWGUHvEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2AC9D8449B2F7F0ABBF44AED68337812
Requests: 5 HTTP requests in this frame

Frame: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 693B81AC85606D49E221F292B66172B3
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiAhMnRATAB&v=APEucNX-1ZTIO06a3uM3F_4StMkKOAYKTp0c6pcRgbKGUuEdiQTQlmtiC58Jt2YnP68979w46w82utFZsUHGhrnCYSPuwjx0HTjMajdkCxW7PIkP1wLlkLJGajTQ6_AHr-2vCCs2Hi-a5JX7Wwp35As9fYDqMejb46QLYQHBbEs5sGCFfQmvoOQ
Frame ID: E4B1358317666FFB7C20F9C03C9F7A3C
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQ4rX1WCxPQ3mOek1LGM7nH8IqOg1KkMt7PGlebhRUaB2c0ekfmhJ54YcqEk4eQ5KcqfCymB_6OV6kAKI7ogjUgpzpGevK0ZzE2ycsaRhseejK2cy-S6ke5_rGBu78VWCQikN3xACZbWbtZRUvv6PFMSUHDG5ZPuP42yq7pp5FILUOgMBQWOerxvoVSTnaqYld6nPurYp5kstAZnesBxbyLDXQ4SpW1aZG-aA0sMoU0Y1FH5lcKqR3qP-9zcaDnmrM5D-0RRMbrhV43l-jwjyUUXE2p_dmsDYB77ChdYWW753l3R_7qnzyBeMiXmKusfTZlYgGaffmZa8hwywhT3QAfLIgawo3EQ&sai=AMfl-YTT47kujp4uZefYYGl5d9N_rdM8RF_hZN-LBQnADCmMezrsszJ4XMpkffm76Ob2hWBdg3OUu04eETJuaUjvj8Y_p2iv8bphvx7dG4CLvLfbSNOP7Te_fCc4HvFtLw&sig=Cg0ArKJSzGnCw9lOHSfuEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 18D47838208C15B826AAB04CADE58D8B
Requests: 4 HTTP requests in this frame

Frame: https://t.seedtag.com/t/5728-2729-01.js
Frame ID: 50D107C014E9E87E284F8FF34ECB0396
Requests: 3 HTTP requests in this frame

Frame: https://cnt.trvdp.com/js/1753/8167.js
Frame ID: 5BF9578BC367DD945251B2A84309CEAA
Requests: 3 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: F6CA26E0542332DD2229B6065EBF2200
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B68D77958E9EBDCF721C5829D2B021E9
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: D7FD4CF4ED8C57EAC648D8400A0F4D3C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8099C8F1AB0056A6B70B40170C023658
Requests: 3 HTTP requests in this frame

Frame: https://secure.quantserve.com/quant.js
Frame ID: 2FE15866F8440209D7C17F18F5E981A9
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 915B8C03919ABF42391E76FCCF83828C
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17992502975080493804/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/index.html?ev=01_250
Frame ID: C70931A853821F284EB3B2B6EB60A1A0
Requests: 5 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Frame ID: B0C838581BC6B66EC4E34E76D9CAA564
Requests: 2 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Frame ID: B25CED15EE88082DB3730FE9A8ECA2DF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E5F8FE590E7A6D80CBA25F7C7AAEA01B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C0BDF5399583005EC05BADBAF9CE21B1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Quizur | Crie seu Quizsearchxhometwitterfacebookprofilepencillogoutquizlisttestuserstar

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

173
Requests

93 %
HTTPS

58 %
IPv6

36
Domains

61
Subdomains

45
IPs

10
Countries

3407 kB
Transfer

7675 kB
Size

53
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/quizur.oficial/
Title: Instagram Siga o Quizur no Instragram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF_lHCmDPbJNo6cV1L6HTGo&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF_lHCmDPbJNo6cV1L6HTGo&google_cver=1&C=1

Request Chain 77

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLwpVTvthcwJXB2pSXAVpAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF_lHCmDPbJNo6cV1L6HTGo&google_cver=1

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJcuRbIhQzJho-lo1evEKq4&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJcuRbIhQzJho-lo1evEKq4%26google_cver%3D1

Request Chain 79

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1MjkzMTg2OTMyNzA5OTM4MA%3D%3D

Request Chain 98

https://fw.adsafeprotected.com/rfw/bgd/1135760/65089104/xbbe/creative/adj?p=APEucNUmvv4pxUyVZEBURwh6Xzm0YkU-yVqLyUdxnUQLPE1hMkXY8qo&d=CokBAKAmf-By5a2XH7hpQDhiGT8OKgbe8SileGamrbA5w06DMVLa2Zt9Co3fIyWv9TSAxxY_ron9xSPyh584E7K_D3x1Ysb32yYSreWVGs6VNmO70bClziDZkp3g-VolWPhe02OIMpm8ebeJpeaBNWezr8f1_jg49F8sIviwoITy-pd6LdabmZECtAkSiRMAoCZ_4ATYQNALFgPWr0Bjlb_DT83uekqEBqpyLYYa2KPZUbXBQd5PVTv_kBU26nK4tZRJMVYcLrtpHOoLfJxz90nCjpii-zCbmRFZ7xgdkL8tFxLVPa8AQ20QFY521Orkfxwi1k5bP0bnsMkWlmLQBWCezmGrO4feof0VxqYwBsO2lCnt7fz7aEKs5soBDb6ri-i_dw9YQBNp2mEGN6eYUcRw_00RrR88wpxZYSesd3M4K-mIJJY3sUqABXYiAmpHTU6aPj6jPPB7b3U_VeCnBZ7N9jd1i8JXHO2DbrTEK2XKa4ZUxJuseCd1XgBuRO2Ic8-erdjmBssYvfAzb9AlozHBE9WaLx9ojE9Es6BsnJR0d0D5JDIyl4BIigOuUOkcnUW2b_rqZs5OblNk48tuwIW23SPvedSqWuj7ZfU1rCIX7Moi30k-VgvViL49KfR-lQdDZPiFEmzrTAOMlyPNVHdzjkuMTtR8Dc_70rnHrpbyBt-dRUulqkdgguarCSz0-oKDqEIVwp3ON_XhNu9QXuDHCjnlUwz0uBM6oiq1KdJgmiqYOuPiPTKlDcojK-EelgVMY3w1IjUWYftl3fpCfDxOxVwae5BBWFC49wSh-zaIupXc6nbLAww_q_pYvim1_sCIZLx7BK8Qq0L2dKvgH8fEOl2IgsjqAZ3_VaHramHDk5B3TIOuI93SjG2b1m80GEWPD3uytMUYu_C8ocWNuCaJLxNvTOZOEb8MctogRYNqOaozZ9twPCwM-w5kN12sjTEwWxflKMNsbHZ8737WqespLMnKjlFAFZfANhX4Yfmfy-caVKvyrA0afdutnQPo_noEKF5MmMwK3RqbSXxmRR4Lyhu-oEDrWkBmLLl5dM2kXI2yvthEuRy32se7UyX05JsxeeWNSYmlwW3KmrMidcTG_cCwsw2IQDVSG-dvEumnxe4g7KbekmYf6Y0yMZUqDDbn2Fap2sFCk9-e_HC-jYC5L0JNseKs3drykmgBN11PbYDqrm43nG8Z9xcrMIz10d_r3IRBoc3jISjBNEn7CaN-5oX_Fg6wFV3pQRrg2R2hAlALQvoMp8V3GUKAtmUHkiT-XSeXLw5wNJKxvS3t61UHtnjFRNh2t1aG9PSyyteQvjuhKXXLu0lssIhHcTMlPJpjLvoyLR6FjsJg8bd3o2QhAdzEyn5FW4lBLGMYgz68UswhqdvrCRklHU6rILhHe7ErH3SJ723NDGBlb68gJgS0iHhTAXFxjOVT8BSAmG-ZfYL3K1d9w3i_7JH97KQH1nGtJfgrV7KMI9o5SR3isdiW3Ttk6XB-dHhC8eOPZvoWubL1ZC2JuOu-v6cTxdmYBFDNR2YnyVRNSFxkyk7O8yKEnCPdquO2zjDJl-4ESucCmFjsb_NXSPREtSeCtgQ1exNwc6yW64LU3OcDiBqTuczR7I-ntGkXDo1KW_nW_DBsfjIwvzslEFrG3d845Mwtg4betnPBp3sThmhopPpk8F3z86ysPjKV9ot8DicqSOqPoSJyb81TMtqXUs90PQfmFigGhvvk_Oq8DWsaoFZciqso1UOIWTUSyJvusLwO_G7y9sWOns1s9zzELbokIrQV6w0fkCQ0Z94Fw_zwdpkjBnSlEOFK4HW4WL_-00dHnEZFHAkFW0ao4KoZvwFMh6zfKXpO2PcQ82MMngVdw9C0CLl8_HTwA5lPoCB7laUfPpNd_Opzd3rW8Gi8gJqTx2iNaDZ_VcJS2Kb4LPTrCAD1quvoDVx9DgioKIqS5eRYRXEuqnlHaLLUK2HA6Ugd3HsS4LkqZykuBWoyrFgRU3EcB1pOQ_gDIvEn6fA_aBD2G5wdmKmqgc3o00PMrGibkHziwHAdowqQOwlpcJth0dn3Bi_KUddo-USUrGkad8fp64tbfQMLAuEg1gDCImH8Hiw6dkVxaMT8lBOp7-eTKRm62Ezp5XNq6qehKfNJr_SnKNXJfGvTce5-wxIi9Fo2IYbsHqtjWT6VEnNMDFiJVV-KuvrRQotR7AInug_4TGNWrXnlaKNYAZ6X_utfW4Rh812u7PvkTArbKT4iREXbiio2pBi3OVd__Za4M4i8v2cFz8CO044Fsl54E0ESMvWHx12BhS-Bh1FmJ7hpCG2zZWcjzOP1BeF3lqvzPzaMZTexWFf6DMH0o336YefTqOz2KAeZdcuHm2j6NnD9yaUFCoWqlAdOkpGcweRWk0M05GurS84dO11jcUkd1cNrt29UyEbKDV0jhpl-zs1vi0KGI0LAeUHoqiguP8IZ6bJ4PLv-qfcInW6dfNXwbMrH7uvVya47V4Jk2oiXx9lYXqfrLoUCIF6FnJNYDhGSek9NiqeZQBEgcEkT6DPZCjwdevdVtBLMI2G6uXaHQ9cUSJUwPErg-3bSji2TCOVwB_aEALtpCBOFVq0w3fywk6VrXbJN3wDsKvvWbhNYfuhyvk1TUN_TRqzqdrmPIknFzZjgpeqmA-PUw38shS8vXk0Knrz221rsx4vJd1z0E6L1LHZKuAUQ1exJdlv071anM-2BWwLs5YNKQ7FcBoIx9g0PKEIUu76-57D55B3dhhpQkBAxxOKb788FjSYAm24EtNFrc4Q4q_gfD85GiOosWRjybdLHGyFqankXbs8yCQ8Pje7jKNFHPiPQqg9F5O9KQOrFZyJ-IbNXjQlI6LHR_ZHEJ85DSOlwOS_OT3dKlOPO4yvcI4LnuvrTJF8-u2U75c8usDsZrP9vnyoZwLzX7E-xMibrYcFiV9Y4kLr6vnxJsr9sgw7L19Jlgn9DCIZ7HsqFMnndNQjLvnQgv3WOdiNExlLrFOvGHoAi4_uGi2hv04kfNYT2RWJfskmILmdaXFlY-pxlaKBFg4rAvrYNK-HnMnNdxNPykXEnWqLJzMCyvK8PzUJ6PKBZIx-2zQ97D4MNy07epsnak_-wMxk_tIZp1rrqYrPJL2bLlCUhI1c4aed1y6KFEGejSvAJI4QHwnOQIlSOz3Mgeqa2C6N3F1qYo7FOq8tIgKHT4ElJlkY376yOTVLo1FMBRC0UuZq4F2bNZ4O-ih6ILqw92iGZZhLMuemt5sEJZTMqXA5qWypiiYARknReaMi76AUG9bGq5HuaUST3esHwOivnxE4t06lNxTbSJw7wvKrmj_5q5pYURLocci5zAcQuHdf_1hL6jRe2_BKvx02L6CcHyqB2A7zkbPc9fl-RrQxUuojLr7kI3geJiRUSL0rl89kh7BdfAppmx35h45wz3ss6DbPL2hpBCAQSOwBpAlJWklNgiJUZyL9-QAVWhfLZutIGNc77Bgjlb99mlWCEi9efxyCEjaXDso93lKD1YH8NB8o1_GO9GAFgAQ&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-2862082324212006&ias_chanId=1&ias_placementId=20163094551&bidurl=https://pt.quizur.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hI73Cv7S1miFyTnqGuMHgm&adsafe_url=https%3A%2F%2Fpt.quizur.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fpt.quizur.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fa9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fa9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:49a9fd6a-fc06-18d1-f80d-db4e68deabde,c:j7Ntun,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5d94d9d8b-bhs88,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tKLDWtv+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1135760-65089104%7C191%7C1a%7C1b%7C1c%7C1d%7C1e,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:19,oid:3c813bc4-28c3-11ee-b6ce-ae2cdd0a626b,v:19.8.432,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUmvv4pxUyVZEBURwh6Xzm0YkU-yVqLyUdxnUQLPE1hMkXY8qo&d=CokBAKAmf-By5a2XH7hpQDhiGT8OKgbe8SileGamrbA5w06DMVLa2Zt9Co3fIyWv9TSAxxY_ron9xSPyh584E7K_D3x1Ysb32yYSreWVGs6VNmO70bClziDZkp3g-VolWPhe02OIMpm8ebeJpeaBNWezr8f1_jg49F8sIviwoITy-pd6LdabmZECtAkSiRMAoCZ_4ATYQNALFgPWr0Bjlb_DT83uekqEBqpyLYYa2KPZUbXBQd5PVTv_kBU26nK4tZRJMVYcLrtpHOoLfJxz90nCjpii-zCbmRFZ7xgdkL8tFxLVPa8AQ20QFY521Orkfxwi1k5bP0bnsMkWlmLQBWCezmGrO4feof0VxqYwBsO2lCnt7fz7aEKs5soBDb6ri-i_dw9YQBNp2mEGN6eYUcRw_00RrR88wpxZYSesd3M4K-mIJJY3sUqABXYiAmpHTU6aPj6jPPB7b3U_VeCnBZ7N9jd1i8JXHO2DbrTEK2XKa4ZUxJuseCd1XgBuRO2Ic8-erdjmBssYvfAzb9AlozHBE9WaLx9ojE9Es6BsnJR0d0D5JDIyl4BIigOuUOkcnUW2b_rqZs5OblNk48tuwIW23SPvedSqWuj7ZfU1rCIX7Moi30k-VgvViL49KfR-lQdDZPiFEmzrTAOMlyPNVHdzjkuMTtR8Dc_70rnHrpbyBt-dRUulqkdgguarCSz0-oKDqEIVwp3ON_XhNu9QXuDHCjnlUwz0uBM6oiq1KdJgmiqYOuPiPTKlDcojK-EelgVMY3w1IjUWYftl3fpCfDxOxVwae5BBWFC49wSh-zaIupXc6nbLAww_q_pYvim1_sCIZLx7BK8Qq0L2dKvgH8fEOl2IgsjqAZ3_VaHramHDk5B3TIOuI93SjG2b1m80GEWPD3uytMUYu_C8ocWNuCaJLxNvTOZOEb8MctogRYNqOaozZ9twPCwM-w5kN12sjTEwWxflKMNsbHZ8737WqespLMnKjlFAFZfANhX4Yfmfy-caVKvyrA0afdutnQPo_noEKF5MmMwK3RqbSXxmRR4Lyhu-oEDrWkBmLLl5dM2kXI2yvthEuRy32se7UyX05JsxeeWNSYmlwW3KmrMidcTG_cCwsw2IQDVSG-dvEumnxe4g7KbekmYf6Y0yMZUqDDbn2Fap2sFCk9-e_HC-jYC5L0JNseKs3drykmgBN11PbYDqrm43nG8Z9xcrMIz10d_r3IRBoc3jISjBNEn7CaN-5oX_Fg6wFV3pQRrg2R2hAlALQvoMp8V3GUKAtmUHkiT-XSeXLw5wNJKxvS3t61UHtnjFRNh2t1aG9PSyyteQvjuhKXXLu0lssIhHcTMlPJpjLvoyLR6FjsJg8bd3o2QhAdzEyn5FW4lBLGMYgz68UswhqdvrCRklHU6rILhHe7ErH3SJ723NDGBlb68gJgS0iHhTAXFxjOVT8BSAmG-ZfYL3K1d9w3i_7JH97KQH1nGtJfgrV7KMI9o5SR3isdiW3Ttk6XB-dHhC8eOPZvoWubL1ZC2JuOu-v6cTxdmYBFDNR2YnyVRNSFxkyk7O8yKEnCPdquO2zjDJl-4ESucCmFjsb_NXSPREtSeCtgQ1exNwc6yW64LU3OcDiBqTuczR7I-ntGkXDo1KW_nW_DBsfjIwvzslEFrG3d845Mwtg4betnPBp3sThmhopPpk8F3z86ysPjKV9ot8DicqSOqPoSJyb81TMtqXUs90PQfmFigGhvvk_Oq8DWsaoFZciqso1UOIWTUSyJvusLwO_G7y9sWOns1s9zzELbokIrQV6w0fkCQ0Z94Fw_zwdpkjBnSlEOFK4HW4WL_-00dHnEZFHAkFW0ao4KoZvwFMh6zfKXpO2PcQ82MMngVdw9C0CLl8_HTwA5lPoCB7laUfPpNd_Opzd3rW8Gi8gJqTx2iNaDZ_VcJS2Kb4LPTrCAD1quvoDVx9DgioKIqS5eRYRXEuqnlHaLLUK2HA6Ugd3HsS4LkqZykuBWoyrFgRU3EcB1pOQ_gDIvEn6fA_aBD2G5wdmKmqgc3o00PMrGibkHziwHAdowqQOwlpcJth0dn3Bi_KUddo-USUrGkad8fp64tbfQMLAuEg1gDCImH8Hiw6dkVxaMT8lBOp7-eTKRm62Ezp5XNq6qehKfNJr_SnKNXJfGvTce5-wxIi9Fo2IYbsHqtjWT6VEnNMDFiJVV-KuvrRQotR7AInug_4TGNWrXnlaKNYAZ6X_utfW4Rh812u7PvkTArbKT4iREXbiio2pBi3OVd__Za4M4i8v2cFz8CO044Fsl54E0ESMvWHx12BhS-Bh1FmJ7hpCG2zZWcjzOP1BeF3lqvzPzaMZTexWFf6DMH0o336YefTqOz2KAeZdcuHm2j6NnD9yaUFCoWqlAdOkpGcweRWk0M05GurS84dO11jcUkd1cNrt29UyEbKDV0jhpl-zs1vi0KGI0LAeUHoqiguP8IZ6bJ4PLv-qfcInW6dfNXwbMrH7uvVya47V4Jk2oiXx9lYXqfrLoUCIF6FnJNYDhGSek9NiqeZQBEgcEkT6DPZCjwdevdVtBLMI2G6uXaHQ9cUSJUwPErg-3bSji2TCOVwB_aEALtpCBOFVq0w3fywk6VrXbJN3wDsKvvWbhNYfuhyvk1TUN_TRqzqdrmPIknFzZjgpeqmA-PUw38shS8vXk0Knrz221rsx4vJd1z0E6L1LHZKuAUQ1exJdlv071anM-2BWwLs5YNKQ7FcBoIx9g0PKEIUu76-57D55B3dhhpQkBAxxOKb788FjSYAm24EtNFrc4Q4q_gfD85GiOosWRjybdLHGyFqankXbs8yCQ8Pje7jKNFHPiPQqg9F5O9KQOrFZyJ-IbNXjQlI6LHR_ZHEJ85DSOlwOS_OT3dKlOPO4yvcI4LnuvrTJF8-u2U75c8usDsZrP9vnyoZwLzX7E-xMibrYcFiV9Y4kLr6vnxJsr9sgw7L19Jlgn9DCIZ7HsqFMnndNQjLvnQgv3WOdiNExlLrFOvGHoAi4_uGi2hv04kfNYT2RWJfskmILmdaXFlY-pxlaKBFg4rAvrYNK-HnMnNdxNPykXEnWqLJzMCyvK8PzUJ6PKBZIx-2zQ97D4MNy07epsnak_-wMxk_tIZp1rrqYrPJL2bLlCUhI1c4aed1y6KFEGejSvAJI4QHwnOQIlSOz3Mgeqa2C6N3F1qYo7FOq8tIgKHT4ElJlkY376yOTVLo1FMBRC0UuZq4F2bNZ4O-ih6ILqw92iGZZhLMuemt5sEJZTMqXA5qWypiiYARknReaMi76AUG9bGq5HuaUST3esHwOivnxE4t06lNxTbSJw7wvKrmj_5q5pYURLocci5zAcQuHdf_1hL6jRe2_BKvx02L6CcHyqB2A7zkbPc9fl-RrQxUuojLr7kI3geJiRUSL0rl89kh7BdfAppmx35h45wz3ss6DbPL2hpBCAQSOwBpAlJWklNgiJUZyL9-QAVWhfLZutIGNc77Bgjlb99mlWCEi9efxyCEjaXDso93lKD1YH8NB8o1_GO9GAFgAQ

Request Chain 116

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHQuqc9z2SNTyZ5OkuEkFBM&google_cver=1&google_push=AaAOQGFY6jFNJgFFHaowpcRVAvBbJGHM1AIB9HtGNb6DwEz1UJIfgLjZZ2v_sGT_xwpUOw4DX6hN_cIhN-ubR35kqjc26QW1JN6X3w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFY6jFNJgFFHaowpcRVAvBbJGHM1AIB9HtGNb6DwEz1UJIfgLjZZ2v_sGT_xwpUOw4DX6hN_cIhN-ubR35kqjc26QW1JN6X3w&google_hm=eS1tU2RmV1hCRTJwRWd2Y0wwdXNfN0JDa0RNZ3VTVE1VTn5B

Request Chain 118

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDxDwBs0ShLQIxbiGWQgK7M&google_cver=1&google_push=AaAOQGEI8gxPYwygkPyUiAvJm3QbMhFMrscr-m5dz6ApFfWVZTVKOyMdI1sHz7CthAS6Hw6y9eoZ3VwgSRjsagmdX7OCHBcD72-FCw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDxDwBs0ShLQIxbiGWQgK7M&google_cver=1&google_push=AaAOQGEI8gxPYwygkPyUiAvJm3QbMhFMrscr-m5dz6ApFfWVZTVKOyMdI1sHz7CthAS6Hw6y9eoZ3VwgSRjsagmdX7OCHBcD72-FCw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NLT7so_lTiC_wmx-BLyM1w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGEI8gxPYwygkPyUiAvJm3QbMhFMrscr-m5dz6ApFfWVZTVKOyMdI1sHz7CthAS6Hw6y9eoZ3VwgSRjsagmdX7OCHBcD72-FCw

Request Chain 119

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOWf7JtvRr5P8wT3KDVsnew&google_cver=1&google_push=AaAOQGFqozvBoa-b8Asm0nvnJSA5IBfqMI0FYIjy9XOdE7nYeR5iAxjwlTab1lNrFLHb1Y2MOYwL8AlKPfQgTuH5RoHXfMoD5whvag HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOWf7JtvRr5P8wT3KDVsnew&google_cver=1&google_push=AaAOQGFqozvBoa-b8Asm0nvnJSA5IBfqMI0FYIjy9XOdE7nYeR5iAxjwlTab1lNrFLHb1Y2MOYwL8AlKPfQgTuH5RoHXfMoD5whvag&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGFqozvBoa-b8Asm0nvnJSA5IBfqMI0FYIjy9XOdE7nYeR5iAxjwlTab1lNrFLHb1Y2MOYwL8AlKPfQgTuH5RoHXfMoD5whvag&google_hm=HBk9rGZH_07stn8uSIuzxcws

Request Chain 120

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESED0J3RJ562C3Tp3LxIALtnU&google_cver=1&google_push=AaAOQGGIP2XP43I9f22wqYRqtX1nsUpPw7bpvjSC_n-Sv8FdHtfg-jmA8wepPgagDFG6VLQo8PWyWzw4D0dV-Bxs4_ScfX4PxtBe HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGIP2XP43I9f22wqYRqtX1nsUpPw7bpvjSC_n-Sv8FdHtfg-jmA8wepPgagDFG6VLQo8PWyWzw4D0dV-Bxs4_ScfX4PxtBe

Request Chain 121

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESENUoEKdLFSRZRlHN3YtcWtQ&google_cver=1&google_push=AaAOQGGuc5WXAConvfWrmq4t1E98KHlvbadFmf74fvmpibUKQzpUkIFF7RasZ2-JY5cyrlqitShZBqNr6Se2JbcoztLKI0D8rsVxhg HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AaAOQGGuc5WXAConvfWrmq4t1E98KHlvbadFmf74fvmpibUKQzpUkIFF7RasZ2-JY5cyrlqitShZBqNr6Se2JbcoztLKI0D8rsVxhg&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1690052950094 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-2e585669-fd4f-476d-8d0b-ed80ea49093d-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGGuc5WXAConvfWrmq4t1E98KHlvbadFmf74fvmpibUKQzpUkIFF7RasZ2-JY5cyrlqitShZBqNr6Se2JbcoztLKI0D8rsVxhg%26google_hm%3DAy5YVmn9T0dtjQvtgOpJCT0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGGuc5WXAConvfWrmq4t1E98KHlvbadFmf74fvmpibUKQzpUkIFF7RasZ2-JY5cyrlqitShZBqNr6Se2JbcoztLKI0D8rsVxhg&google_hm=Ay5YVmn9T0dtjQvtgOpJCT0

Request Chain 134

https://sb.scorecardresearch.com/cs/6036356/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 147

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CA88782D451A4EC0981DD872F0439753&RedC=c.clarity.ms&MXFR=18444834178A670505645B62138A6998 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CA88782D451A4EC0981DD872F0439753&MUID=3003C66F897768F2323DD53988DB69EB

173 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
pt.quizur.com/ 77 KB
21 KB 372ms
245ms Document
text/html 2606:4700:20::681a:2d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26a9c5bebccbea62122a4fe0d328b7fe3d5a7f6b77a655981cf743c923ccd12b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, no-cache="set-cookie"
cf-cache-status: DYNAMIC
cf-ray: 7eadf9ec9ad330d2-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 22 Jul 2023 19:09:08 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g50%2FGidtjakWZ%2FcqBrKBzbJyutc1FIJVXfSbvlZypPcNIrVSXOnREs5QiCsxlzfAYxe5NNgKdj%2BdsDpGsYG4AN6ziFXco3FgEtzBUKBEhgG3bQZ48J5BZrjCC%2F3ZsbdjIM5ZMhLe82zDdTc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 uoltm.js Show response
tm.jsuol.com.br/ 70 KB
16 KB 295ms
37ms Script
application/javascript 2600:9000:244f:6e00:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/uoltm.js?id=fmr0nz
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:244f:6e00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 6e7e124d9fc9ed632f12a8a18dc7ed5a59e247c02a0bb086a904303af39e565f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:59:02 GMT
content-encoding: gzip
via: 1.1 6bbb2da0f4f203dadcd8f0ae1073d674.cloudfront.net (CloudFront)
last-modified: Mon, 14 Nov 2022 13:03:23 GMT
server: marrakesh 1.16.6
x-amz-cf-pop: CDG52-P4
age: 606
etag: 2c9a4d99ff3d158600bee628cf93e8fe
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
content-length: 16140
x-amz-cf-id: uaHVrwTN3T-h6a7OMQ8cd1fBjQ_Ch5Eo_DmfXhTPdgCvPMcQho-ubg==
expires: Sat, 22 Jul 2023 19:59:02 GMT

GET
H2 200 index.css
pt.quizur.com/css/ 30 KB
7 KB 28ms
28ms Stylesheet
text/css 2606:4700:20::681a:2d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.quizur.com/css/index.css?v=1.5.1
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72f1c0c518a1f255e344a35e8487276ddbf742f4f2bac6d42fc96160a624787f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:08 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 21 Jul 2023 12:01:54 GMT
server: cloudflare
age: 1569
cf-polished: origSize=31705
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0nxsiyJbR%2Fi4xoqVaX2H86pG%2FrgbrTQqwYtm7ZvDhidQBdcYtX9Rrd2bKIvoH8Ef4WuzNUm2Rjp8VtV5b%2F9ptnEx%2BW7CHWYYBEK4c9rFEcfdKiYSIKj1lcnI6DSQDjWnrktn2WGp4SRg%2BDo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7eadf9ef6ea030d2-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 127ms
74ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: pt.quizur.com
URL: https://pt.quizur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20990bf56f4db13b8cb039b94a70f60304d3622a92dc8f91cc887855fc0371f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28012
x-xss-protection: 0
server: cafe
etag: 437 / 19560 / 31076291 / config-hash: 3532551707473895787
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 19:09:08 GMT

GET
H2 200 logo.png
pt.quizur.com/i/ 2 KB
3 KB 29ms
28ms Image
image/webp 2606:4700:20::681a:2d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.quizur.com/i/logo.png
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe85bffa5c8b49bf241c76e13c47e65d3968d0b3472d2ea0b3a80e9bca144c4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5648
cf-polished: origFmt=png, origSize=3816
content-disposition: inline; filename="logo.webp"
content-length: 2428
cf-bgj: imgq:85,h2pri
last-modified: Fri, 21 Jul 2023 11:56:43 GMT
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yVcJNyCwWv0O5PRVwXo5y8nBM1oCN1SHKewdCw%2FSKytTwDxzQptBdzJT7DIYcKLow%2Ff%2FhLiurVdf9UFs3Eyw1NOdUHsH9QkzPnu%2F0AotKrt6COc59olTR778j88xvbwiuiQlfhJ9vy1FCk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000, no-cache="set-cookie"
accept-ranges: bytes
cf-ray: 7eadf9ef8edc30d2-FRA

GET
H2 200 img64bbe3756594c7.03654421.png
img.quizur.com/f/ 384 KB
385 KB 440ms
415ms Image
image/png 2606:4700:20::681a:2d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.quizur.com/f/img64bbe3756594c7.03654421.png?lastEdited=1690035070
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 677edf2e1ba51a94de9a458a904ae3f66efb18ca1812f4d740cf4410c275fe80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:08 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: J1DT5691HANMM5DR
x-amz-server-side-encryption: AES256
content-length: 393361
x-amz-id-2: BMNCoqRXFMda52ItSI/Ox8fTcQ53UMI2aewhTgmyY9YfO1WfbtQ0aX788cKW6XeWqTxAKVLnyow=
last-modified: Sat, 22 Jul 2023 14:11:12 GMT
server: cloudflare
etag: "a07d2ba9cff508c26e81dd064969af1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJ8d6cykXxF%2F2E8oCr7p7qzXpoXgBCbKw%2BOCf1%2FnziBysyk0B4mO8RbFSYl%2Fq24TtOZDisb6ta2HjcIQEVOTmLJz1hMjt0SW7inpPr5IFha6a6nAXpxvvi4yhIYXrVbNDWv7tJm9563VvQnY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7eadf9efaf0d30d2-FRA

GET
H2 200 img64bb14faa914d2.27019787.jpg
img.quizur.com/f/ 51 KB
52 KB 438ms
413ms Image
image/jpeg 2606:4700:20::681a:2d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.quizur.com/f/img64bb14faa914d2.27019787.jpg?lastEdited=1689982234
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad022966ece2f91d01fc0145eb2df15608977fa00734244efbf33f15f960d022

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:08 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: J1DW5GAVFGHY4ASF
x-amz-server-side-encryption: AES256
content-length: 52530
x-amz-id-2: u+zyyateKP1kmAwR49MjZP5lbHO8iZ1zINkIarl5ILjzIJU+HllGYvJ2ekjDHkL58ATVVExTRVk=
last-modified: Fri, 21 Jul 2023 23:30:35 GMT
server: cloudflare
etag: "1902b1df91e225c07de37d352883a77b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53MyczjlMr6RvGSHCzyaDbzGQgm96MXS9h74oZSFxkMU02agV91UCYihMxr%2BAyzuXIk%2BdJFBOQUYu4teTP2OrNdHyta8wG8TjtqOaVl9cK%2BuCzidxvOp4jfrA5bH0nuegW6n5mKmeGRAl3FQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7eadf9efaf0930d2-FRA

GET
H2 200 img64bb35b16ac607.96341616.jpg
img.quizur.com/f/ 85 KB
86 KB 424ms
399ms Image
image/jpeg 2606:4700:20::681a:2d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.quizur.com/f/img64bb35b16ac607.96341616.jpg?lastEdited=1689990585
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c486e4ea33905b91e62504017857f89f8817090b344e42f184bb69a1702b4f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:08 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: J1DT984PPEM6S2H8
x-amz-server-side-encryption: AES256
content-length: 87464
x-amz-id-2: vNdg+CYeVQU6TvrfHxLLkJVlcw3FYg2DrAsLP7yjM+Oqtrh3APQ1/llIv/3gLSN2wJ34o8NDJqM=
last-modified: Sat, 22 Jul 2023 01:49:46 GMT
server: cloudflare
etag: "bc3ad7fce64299d2804728589edda34a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bM4mArz4Djc6DFwqxfVKT1wQietEaJetC7pOmhdspNhdlJgMjGBQse8l2ccLqBNiK7qdIRUAte2M%2BrXAg0TU1CerGFJEEai8GUK0rGLS5VWgR%2F4v3rdtmLrZA7cwij5D6Vn%2Fps8sqTFkIPe3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7eadf9efaf0f30d2-FRA

GET
H2 200 img64bae32b6ec061.15715112.jpg
img.quizur.com/f/ 46 KB
47 KB 430ms
406ms Image
image/jpeg 2606:4700:20::681a:2d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.quizur.com/f/img64bae32b6ec061.15715112.jpg?lastEdited=1689969465
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3a2174eef9a70c7ab27e82ebeba52939d60cd074baab2269b942cf5dd14ee2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:08 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: J1DRNW56KMJX6HWY
x-amz-server-side-encryption: AES256
content-length: 47278
x-amz-id-2: VVHUSFbFm3SmJqXVhOO7uXee0V3AKFEd7pP9mTfocMr0l3KXHUAYP7TottzBHT2VKnqAwBSTRmw=
last-modified: Fri, 21 Jul 2023 19:57:46 GMT
server: cloudflare
etag: "1b54b5bdc33fb2cbe0f3261a4df0be3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkA87oyG8ZFnA5VWma7y97cf0WE%2FqGjngot9bEuTkwoIyCpYvfg7MJN84Y4iSddgbbRvSBmPKwNTQUuAbr6XLLNvih4H0AkeLoGtvPVihG67VlwmVLwvWu9Crf66SFOD14jRR%2BjGKMpFoC7F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7eadf9efaf1330d2-FRA

GET
H2 200 img649d13fbd43de9.83279438.png
img.quizur.com/f/ 57 KB
57 KB 63ms
38ms Image
image/webp 2606:4700:20::681a:2d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.quizur.com/f/img649d13fbd43de9.83279438.png?lastEdited=1688015895
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4862e83df8784a22b232e719b515765af6c42c4aa5c75a3c33f050a63fa8e6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: R216NQ5ZXZNMWM4E
age: 948511
cf-polished: origFmt=png, origSize=87370
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="img649d13fbd43de9.webp"
content-length: 58206
x-amz-id-2: bJopqHIpjki21Ry430sr9CrKerg4RUhmtxbkv5EfUunv5lBs6+3bOQSAFEkWr8KZovecrX9cFFA=
cf-bgj: imgq:100,h2pri
last-modified: Thu, 29 Jun 2023 05:18:17 GMT
server: cloudflare
etag: "20139ea8e1bb3d99bd2542ef88977709"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A625EZeIbNiSS3gDXjllG1Zeq%2BhvXBv2uYPD3QoEoJ08%2Ft7MgYLgqEzN2Y99EqxNHZlI%2BeXZp5NAfX4EifYsNFXujmO%2FVA8uxUHAKdJzAo02blIUpWnnzCG5JsTGIYZCqHVuA46mT2A4PLKC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7eadf9efaf1430d2-FRA

GET
H2 200 img64b0584f53ae44.73367055.jpg
img.quizur.com/f/ 81 KB
82 KB 67ms
43ms Image
image/jpeg 2606:4700:20::681a:2d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.quizur.com/f/img64b0584f53ae44.73367055.jpg?lastEdited=1689278553
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c65ac9511828290f9b76debc525de86b57415c1ce204e7ce53e493d54502a72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: C7YZYCGV8N09NDJA
age: 763936
cf-polished: origSize=86315
x-amz-server-side-encryption: AES256
content-length: 82862
x-amz-id-2: hHnRXdZJVnihlL9VyKl619WXISiwy4hE9jTGKZJ9vkorc8yV35mtTHrwSQ13zdjnjTNEM42MN+mTQ3ma/MZn/A==
cf-bgj: imgq:100,h2pri
last-modified: Thu, 13 Jul 2023 20:02:34 GMT
server: cloudflare
etag: "fb165fb376edf255eaa1ea8e880d1380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hvZMmTpFs4z7DYd%2B5N3WrFdha93i3DVrm3JKcnTIf6NeFfCZ2%2Fnu0kTFbJBjIe4QL%2Bv%2F8qTzWCEE3zNfBlfEHPQs7OFvDWJdFTyDoIEYvtNK15XDmVPaRuOwPqpI%2F1%2F04f02A3LWDzk9jkJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7eadf9efaf0b30d2-FRA

GET
H2 200 img64b05843ed3076.82831298.png
img.quizur.com/f/ 214 KB
215 KB 59ms
58ms Image
image/webp 2606:4700:20::681a:2d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.quizur.com/f/img64b05843ed3076.82831298.png?lastEdited=1689278536
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8485a9dd6629cd67e0687d9192d7d02dfe742aa1f643160b926783efa1675d5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: R8GKPM054PRWY079
age: 154630
cf-polished: origFmt=png, origSize=365314
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="img64b05843ed3076.webp"
content-length: 219380
x-amz-id-2: 9EKHc18Ny3Vp9fTQqWpVFe51Om+PLRa3zL006pgFQs0UY6ZENzwJvbR7zUm3R+S4zs/QZQl0h9U=
cf-bgj: imgq:100,h2pri
last-modified: Thu, 13 Jul 2023 20:02:17 GMT
server: cloudflare
etag: "8f11dcf2c9ff6e6bd23d0da5c0639ea1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FaXBtEYPsj4GWJfniC5pCV3IwXJEthwPdRTvDhW%2FUa4ACpPHUue8pjYWHk9mcPFY%2FNMQ9OM8gIs2pNFluU2PS%2FctT4wAbH5yME%2BORjduKWfP4ts0eCeTlyRiBITmPQR%2F5%2BaseldI6zsuR%2BGI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7eadf9efdf4930d2-FRA

GET
H2 200 img63d1d2604dab89.43723279.png
img.quizur.com/f/ 231 KB
232 KB 30ms
30ms Image
image/webp 2606:4700:20::681a:2d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.quizur.com/f/img63d1d2604dab89.43723279.png?lastEdited=1674695269
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09be6bd62d36f7e8d3134da373613b6bf7ec4852d8bff6bc0d261e4c546086d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: R2PQ6RRJ5YH8EEX3
age: 2341443
cf-polished: origFmt=png, origSize=416554
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="img63d1d2604dab89.webp"
content-length: 236516
x-amz-id-2: ONS3tA3iXceegCmRRIP/CGIuif79cCyGNMdr7XtqnK2jRLYKUsVQocXBrmN7Eqvy3AnMlCv1kLE=
cf-bgj: imgq:100,h2pri
last-modified: Thu, 26 Jan 2023 01:07:50 GMT
server: cloudflare
etag: "0a3642f686c4431d5484f6d0b59e064d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ykhHykCska%2FAp%2BPVgY%2BZO3s%2FCiVImKG58urtVT29wOk4%2Blwa1bs9StOt3rSC4%2Fr%2F7NYjtzmWBAVnyn35Xq5b4fAYW8N9I%2FlhDOAQ2v44qz%2FI8ldsFneiExGOzl0c%2BAYVbRV6McorIsmIif3A"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7eadf9f03fd330d2-FRA

GET
H2 200 main.js Show response
pt.quizur.com/js/ 260 KB
90 KB 38ms
37ms Script
text/javascript 2606:4700:20::681a:2d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.quizur.com/js/main.js?v=1.5.1
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98ee89abc183c398b66b0c52fe780551b89ad2189a6adca3b8aafc85b7643441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Jul 2023 12:01:50 GMT
cf-bgj: minify
server: cloudflare
age: 1569
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FhLHdhVj%2BeKwPXFrcLuO0CL2FOkggMjjggiqwnuYL%2FF85N6ypy3irsqqOxJ1IlW6fZ74z9ulNNKdvQA%2BpyxthauVUXDPy4bjnJfClivuxnsC4EAb40J82PIZNM%2BtolKy3RJcsPclRXHvrCc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 7eadf9ef8edf30d2-FRA

GET
H2 200 v2cb3a2ab87c5498db5ce7e6608cf55231689030342039 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 112ms
60ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v2cb3a2ab87c5498db5ce7e6608cf55231689030342039
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af780e357234ceb6feec085a9a31f46834c88c4d3852d79050ad9dc3658a3a67

Request headers

Referer: https://pt.quizur.com/
Origin: https://pt.quizur.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:08 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7eadf9efdb619b88-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 116 KB
45 KB 95ms
44ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NNQ8GCX

Requested by

Host: pt.quizur.com
URL: https://pt.quizur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45ed23ebfce9d384631a10d1c6085c8ff6a0ae8bad56c55d7e300c4561f3f66a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45458
x-xss-protection: 0
last-modified: Sat, 22 Jul 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Jul 2023 19:09:08 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 65ms
21ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pt.quizur.com
URL: https://pt.quizur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5facf3ca997fd8a7658579d40b8bc44a659e12df5b45b2f1f1713f987b86366c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 22 Jul 2023 19:09:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46993
x-xss-protection: 0
pragma: public
x-fb-debug: GIivtVy036M0mJgJNV1lHuPHZQHkGcqITNPHsY9cBYmS0RvUZ60KplIzK5YToFrDoYFBtJ32P1MmgQZQIUrwnQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 194ms
124ms Script
application/javascript 23.38.98.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CH9VQ4RC77U3VDB5Q6C0&lib=ttq
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-27.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c1d78f7d5ae545b164ac05ef74b4fb9e114682ce5fbd49d2b7631ee49cba3f34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-akamai-request-id: 836d7870.72970ad
date: Sat, 22 Jul 2023 19:09:08 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-91.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
x-parent-response-time: 98,23.38.99.91
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=6, inner; dur=3
content-length: 1228
pragma: no-cache
server: nginx
x-tt-logid: 20230722190908B3DED80DFB134F031BB4
x-cache-remote: TCP_MISS from a23-32-16-92.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.32.16.92
x-tt-trace-host: 01d9080a2d25d242f218926392faff9e6d271052797c9aabf91b988755f18dcbfb53c5ab0181bc8532a6c573b4c9362b8f0f07a87b6fdd8942f9ed7e52f6c7a64357a64d94dc7f606c53702e4f68232d5aa35662e3055b3d398bf3c21b973299205f3bb11534c1875df61948d151e463cc
expires: Sat, 22 Jul 2023 19:09:08 GMT

GET
H2 200 guq6njeet2 Show response
www.clarity.ms/tag/ 648 B
1011 B 162ms
109ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/guq6njeet2
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f261ecd621a60e02791bb474b37265c84c640439452fe2bd2f1bb0ca5c09b6fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires: -1
date: Sat, 22 Jul 2023 19:09:08 GMT
x-azure-ref: 20230722T190908Z-hy15ypgvd554m48a4egqehxmg000000001a0000000013xeh
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 648
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 242 KB
86 KB 97ms
71ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TKW2SVZ

Requested by

Host: pt.quizur.com
URL: https://pt.quizur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d5247f5a02c33b4370701e6116c47744fd5299268efb16a865a02216471ecff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87733
x-xss-protection: 0
last-modified: Sat, 22 Jul 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Jul 2023 19:09:08 GMT

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05eb14e830a062a5054bf6332d39458064d4e1d0ef5644b789f7070457f64f2f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a90814066989c1db101e6fa4443d65f00847703b2112ab177efcd1a73b5e161

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 44ms
44ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: pt.quizur.com
URL: https://pt.quizur.com/js/main.js?v=1.5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b2a73f989b17f07f410278f9199fe9ad73a61b0e5d20eff50b788a5672410c02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 22 Jul 2023 19:09:08 GMT
content-md5: dzT9XstsJYK9SzPjNjLz7w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-debug: EfJG9hPJmXYk6kcL1sV3JkhkAcFl46LQ+dwwfEgFWLNnvvD9Pe1mEbGqF7W3jAtjhr92LhHjc/gK6xjjo0mBrQ==
x-fb-content-md5: af84e550174ed175d5d7fedf2db12b9f
cross-origin-opener-policy: same-origin-allow-popups
etag: "18dd3219fdd319810e1d97a459356f6c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 22 Jul 2023 19:24:52 GMT

GET
H2 200 img64bc1200a126a0.38966158.jpg
img.quizur.com/f/ 41 KB
41 KB 350ms
350ms Image
image/jpeg 2606:4700:20::681a:2d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.quizur.com/f/img64bc1200a126a0.38966158.jpg?lastEdited=1690046980
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e4d49f745bf165abe5af2d5a953d941f4c7da394316284aaf84fc63ec3ccf85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:08 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: J1DSS9G17QFBFEXM
x-amz-server-side-encryption: AES256
content-length: 41481
x-amz-id-2: wFF8mbaZzsscWIAbw7G7VHta5+O/vMFq8aPDL8QASx7U/cEjnIGSz1f/WTT5KV7Ou/3i3UW3iCk=
last-modified: Sat, 22 Jul 2023 17:29:41 GMT
server: cloudflare
etag: "58e135cec1dd26cbb2589c3d518188a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQjkNfgSUvSNfXYJlOv%2BPz7q8eI5zkvGs%2FEP2AOPCZnJ5epOvX0f3EkBrWHhPloUPpd56psBhfsvy9VIX9X3O9si4oJessy82fCilHhvtnXRR6XJE7ob7FEdY%2BLTpUWKcxARXEe2pxl1TaOo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7eadf9f04fe830d2-FRA

GET
H2 200 s.js Show response
pt.quizur.com/cdn-cgi/zaraz/ 7 KB
3 KB 32ms
32ms Script
text/javascript 2606:4700:20::681a:2d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.quizur.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyUXVpenVyJTIwJTdDJTIwQ3JpZSUyMHNldSUyMFF1aXolMjIlMkMlMjJ4JTIyJTNBMC45NjU1OTEyODY1MjUxMjY4JTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZwdC5xdWl6dXIuY29tJTJGJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EwJTJDJTIycSUyMiUzQSU1QiU1RCU3RA==
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:2d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e80a953c5b486354fc64652bd8a7a7a5158496308e60b9eee3e42e094f0d80e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:08 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://pt.quizur.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZVc%2B0JIF6ALxCcXPJ3UEktEj%2FX1vhnzLsUp%2FRvyNv4SyxJHhY0QWriPOYQ8mgd%2BEnYoUkaCi9%2F6k8%2FwDx0zEJOfcNCK4%2Fkpxy%2FT9A4gDrAkS8cEZMJBrHEbeYhThl3LFasJ%2BJzC8z2%2BH9s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-credentials: true
cf-ray: 7eadf9f04fda30d2-FRA
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control

GET
H2 200 1411900065792526 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 157ms
155ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1411900065792526?v=2.9.116&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b103f27466b6373dcb6e98da53dafb411f0beedc29257ff6c5848d519c3d8ee4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 22 Jul 2023 19:09:08 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: XtztjZ8/4HqX0aljt5Y+b9hLUN1P59A3Yl9+J5IHpWLcRo/ZAyS+eZnwTiQb597qgVHw8xASMJCRgfGiisRs/Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/pt_BR/ 307 KB
87 KB 47ms
23ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=d5ac142b6441c0fe7782a35bf3d5f546

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2bbb7eac4e7d5cc4b30cac1a89b495c4c1fd27200088a79d4d11e02565b6fae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://pt.quizur.com/
Origin: https://pt.quizur.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 22 Jul 2023 19:09:08 GMT
content-md5: OrntJDcXceoJkGv9InHxyQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88780
x-fb-debug: dU4q3JovPWBr19Hi2qdcGd1P1lNVcpHVOlBl8HTVW+5AfWHBdmr372fJqnScuVvafQFWdm2XuKEehj6YiuRihg==
x-fb-content-md5: db1fec396770e686563bfe92ee5ba20f
cross-origin-opener-policy: same-origin-allow-popups
etag: "e415de3c7d15e72f2da0cd91c823bac8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sun, 21 Jul 2024 19:04:53 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/ 385 KB
123 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076291

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d14af6714f8e174042d16f9ee9938f7986b826935f217c43cd3570945f8a8a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 08:36:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37938
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125319
x-xss-protection: 0
server: cafe
etag: 4098493636285064892
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 21 Jul 2024 08:36:50 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11159647309/ 3 KB
1 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11159647309/?random=1690052948572&cv=11&fst=1690052948572&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpt.quizur.com%2F&hn=www.googleadservices.com&frm=0&tiba=Quizur%20%7C%20Crie%20seu%20Quiz&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKW2SVZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a039b5bdd0a92cdddcb17bc53b2cbc102a88344cb385603a9fa73f98fc6f175d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1299
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.8/ 57 KB
24 KB 43ms
43ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.8/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/guq6njeet2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:08 GMT
content-encoding: br
last-modified: Sun, 16 Jul 2023 16:46:04 GMT
etag: W/"0x8DB861C253E234D"
vary: Accept-Encoding
x-azure-ref: 20230722T190908Z-hy15ypgvd554m48a4egqehxmg000000001a0000000013xfp
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 46f23ebd-e01e-005e-6f85-b9c53b000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 main.MWUwMGY1OGEyMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 337 KB
92 KB 26ms
26ms Script
application/javascript 23.38.98.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWUwMGY1OGEyMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CH9VQ4RC77U3VDB5Q6C0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-27.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 282b35dabd5da2a4a49bad59109de41a83e77101bb4fe05134da6c399e8b54b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-akamai-request-id: 72970d8
date: Sat, 22 Jul 2023 19:09:08 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230720113045DC2E93309AE2BB0CA16A
vary: Accept-Encoding
x-cache: TCP_HIT from a23-38-99-91.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-origin-response-time: 10,23.220.104.215
x-tt-trace-host: 0126e2be24101de034bf7b06dca3dc41e3de83a8c9883b3488fa331de2e3963ea8def1dc3fa692710fe6950b77aba1e73a752b2b591aa5f0ab3ad3b3d14d0e28027d4b02d1826bc8640aea3b628e75c83398c930c03ad6e618b6960641e76273b6f39505981a0ff044b8ca837ecfbae23a
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length: 93337

GET
H2 200 frtns9d0vm Show response
www.clarity.ms/tag/ 649 B
904 B 120ms
120ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/frtns9d0vm
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: da802d350b5a2fd59604af80d9d082ad0d0b4177fd6cc2846481272bee60a442

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires: -1
date: Sat, 22 Jul 2023 19:09:08 GMT
x-azure-ref: 20230722T190908Z-hy15ypgvd554m48a4egqehxmg000000001a0000000013xg6
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 649
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 /
www.google.com/pagead/1p-user-list/11159647309/ 42 B
455 B 264ms
35ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11159647309/?random=1690052948572&cv=11&fst=1690052400000&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpt.quizur.com%2F&frm=0&tiba=Quizur%20%7C%20Crie%20seu%20Quiz&fmt=3&is_vtc=1&random=1099906795&rmt_tld=0&ipr=y

Requested by

Host: pt.quizur.com
URL: https://pt.quizur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11159647309/ 42 B
455 B 262ms
40ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11159647309/?random=1690052948572&cv=11&fst=1690052400000&bg=ffffff&guid=ON&async=1&gtm=45He37j0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpt.quizur.com%2F&frm=0&tiba=Quizur%20%7C%20Crie%20seu%20Quiz&fmt=3&is_vtc=1&random=1099906795&rmt_tld=1&ipr=y

Requested by

Host: pt.quizur.com
URL: https://pt.quizur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 66ms
66ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2655375327086908&correlator=2801463201393196&eid=31076291%2C44797786&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fifs&iu_parts=168346508%2Cquizur_video_desk&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C480x320%7C580x400%7C250x250%7C250x360%7C336x280%7C200x446%7C200x200%7C320x480%7C400x300&ifi=1&adks=62751730&didk=1648293675&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1690052948781&lmt=1690052948&adxs=680&adys=885&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpt.quizur.com%2F&frm=20&vis=1&psz=1300x202&msz=480x200&fws=4&ohw=1600&ga_vid=1643838586.1690052949&ga_sid=1690052949&ga_hid=402134110&ga_fc=false&dlt=1690052948374&idt=342

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076291

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96f48de66fe580447ff42a36f93b6e03e472b77f19657934db1bcff91f94afe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11693
x-xss-protection: 0
google-lineitem-id: 6350346191
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138440027666
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pt.quizur.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
14 KB 304ms
304ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2655375327086908&correlator=2801463201393196&eid=31076291%2C44797786&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fifs&iu_parts=168346508%2Cquizur%2Cfixo&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C960x90%7C950x90%7C728x90%7C320x100&ifi=2&adks=1543694557&didk=807140530&sfv=1-0-40&prev_scp=posicao%3Dfixo%26formato%3DFixo&sc=1&cookie_enabled=1&abxe=1&dt=1690052948790&lmt=1690052948&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpt.quizur.com%2F&frm=20&vis=1&psz=1600x-1&msz=0x-1&fws=644&ohw=1300&ga_vid=1643838586.1690052949&ga_sid=1690052949&ga_hid=402134110&ga_fc=false&dlt=1690052948374&idt=342

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076291

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

615c6f51bbfbd190e204affdcbe01b3e992523f1b4629b59a212368e8fd15ce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13825
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pt.quizur.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 60F8 6 KB
3 KB 259ms
30ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.quizur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 19:09:09 GMT
expires: Sun, 21 Jul 2024 19:09:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 229ms
173ms Fetch
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1557866621122521&input_token&origin=1&redirect_uri=https%3A%2F%2Fpt.quizur.com%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js?hash=d5ac142b6441c0fe7782a35bf3d5f546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Sat, 22 Jul 2023 19:09:08 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
x-fb-debug: jAfmSf0S2dN4HrrMYEk+deeQNzXhr50RlUziVvxNJd8WKjk0jgiW+UnKQ+8qbFn9LQwvtERgR7VTjPNY4Ro9Tw==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pt.quizur.com
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 76ms
21ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1557866621122521&ev=fb_page_view&dl=https%3A%2F%2Fpt.quizur.com%2F&rl=&if=false&ts=1690052948815&sw=1600&sh=1200&at=

Requested by

Host: pt.quizur.com
URL: https://pt.quizur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 22 Jul 2023 19:09:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
293 B 429ms
126ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pt.quizur.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pt.quizur.com
Date: Sat, 22 Jul 2023 19:09:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 419ms
418ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2655375327086908&correlator=2801463201393196&eid=31076291%2C44797786&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fifs&iu_parts=168346508%2Cquizur%2Cforadapagina_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&adks=4288508918&didk=1108992315&sfv=1-0-40&ists=1&prev_scp=posicao%3Dforadapagina_1%26formato%3DForadaPagina&sc=1&cookie_enabled=1&abxe=1&dt=1690052948823&lmt=1690052948&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpt.quizur.com%2F&frm=20&vis=1&psz=1600x2720&msz=1x-1&fws=4&ohw=1600&ga_vid=1643838586.1690052949&ga_sid=1690052949&ga_hid=402134110&ga_fc=false&dlt=1690052948374&idt=342

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076291

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96ee7751d1e8c747bcfb910f40e8df985fe79bf90a17d1da543ea79fb507a521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4070
x-xss-protection: 0
google-lineitem-id: 6333100933
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437795431
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pt.quizur.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 618 B
304 B 328ms
327ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2655375327086908&correlator=2801463201393196&eid=31076291%2C44797786&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fifs&iu_parts=168346508%2Cquizur%2Cforadapagina_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&adks=1036514799&didk=1108992314&sfv=1-0-40&ists=1&prev_scp=posicao%3Dforadapagina_2%26formato%3DForadaPagina&sc=1&cookie_enabled=1&abxe=1&dt=1690052948827&lmt=1690052948&adxs=0&adys=1&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpt.quizur.com%2F&frm=20&vis=1&psz=1600x2720&msz=1x-1&fws=4&ohw=1600&ga_vid=1643838586.1690052949&ga_sid=1690052949&ga_hid=402134110&ga_fc=false&dlt=1690052948374&idt=342

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076291

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f18069b9af8471d416c4692e969fe6bb69c3c40010d8fc17e40577730d2e042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 272
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pt.quizur.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 401ms
401ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2655375327086908&correlator=2801463201393196&eid=31076291%2C44797786&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fifs&iu_parts=168346508%2Cquizur%2Cquadrado_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C336x280%7C300x250%7C250x250%7C320x100&fluid=height&ifi=5&adks=3485617420&didk=2907831296&sfv=1-0-40&prev_scp=posicao%3Dquadrado_1%26formato%3DQuadrado&sc=1&cookie_enabled=1&abxe=1&dt=1690052948830&lmt=1690052948&adxs=1183&adys=1906&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpt.quizur.com%2F&frm=20&vis=1&psz=418x313&msz=336x0&fws=4&ohw=336&ga_vid=1643838586.1690052949&ga_sid=1690052949&ga_hid=402134110&ga_fc=false&dlt=1690052948374&idt=342

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076291

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d7fbc72cd886f30f16e23e2c81aa86136c3408c6418c025a322892a67ffcaee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12015
x-xss-protection: 0
google-lineitem-id: 6340379513
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138438415236
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pt.quizur.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 395ms
395ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2655375327086908&correlator=2801463201393196&eid=31076291%2C44797786&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fifs&iu_parts=168346508%2Cquizur%2Cforadapagina_3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=6&adks=2674228948&didk=1108992313&sfv=1-0-40&ists=1&prev_scp=posicao%3Dforadapagina_3%26formato%3DForadaPagina&sc=1&cookie_enabled=1&abxe=1&dt=1690052948834&lmt=1690052948&adxs=0&adys=2&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpt.quizur.com%2F&frm=20&vis=1&psz=1600x2720&msz=1x-1&fws=4&ohw=1600&ga_vid=1643838586.1690052949&ga_sid=1690052949&ga_hid=402134110&ga_fc=false&dlt=1690052948374&idt=342

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076291

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d0575eb6cb9554ea72d75bd3342cb1c21436fb8efff4cb20f9dd7cdbcba4bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4024
x-xss-protection: 0
google-lineitem-id: 6339262689
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138438626519
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pt.quizur.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mercurio.html Show response
tm.uol.com.br/ Frame 5913 197 B
691 B 449ms
32ms Document
text/html 2600:9000:2117:7600:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/mercurio.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmr0nz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2117:7600:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690

Request headers

Referer: https://pt.quizur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 560
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding: gzip
content-length: 173
content-type: text/html;charset=UTF-8
date: Sat, 22 Jul 2023 18:59:49 GMT
etag: ba5203ce522cc70a434e9a70452ca145
expires: Sat, 22 Jul 2023 19:09:49 GMT
last-modified: Tue, 05 Jan 2021 19:37:57 GMT
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server: marrakesh 1.16.6
via: 1.1 14d7b62a2939d8cc7dc4d65d3de7b692.cloudfront.net (CloudFront)
x-amz-cf-id: aytWaMeoMHumlRyOfTlafHXZcRrk4zZrcQr0G2fCo2sUKL4J__ONwA==
x-amz-cf-pop: CDG50-C1
x-cache: Hit from cloudfront

GET
H2 200 quizur.js Show response
me.jsuol.com.br/aud/ 22 KB
9 KB 266ms
23ms Script
application/javascript 2600:9000:223d:3e00:1:aa11:940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://me.jsuol.com.br/aud/quizur.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=fmr0nz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:3e00:1:aa11:940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 0dae089b1d5c18927b85e033f47cc2b3424ff1f34de34d4a424df0beb81115d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:38:21 GMT
content-encoding: gzip
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jul 2023 12:27:25 GMT
server: marrakesh 1.16.6
x-amz-cf-pop: FRA56-P3
age: 1848
etag: a103d3377ee10548b7866f7888d2c3c6
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
content-length: 8466
x-amz-cf-id: t3uirA6Uw-X7gshF0fQvvPWob0cZTkaJsr1RefPsKjW16G4Ur7O4nw==
expires: Sat, 22 Jul 2023 19:38:21 GMT

GET
H2 200 identify_8cea7.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 31ms
31ms Script
application/javascript 23.38.98.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_8cea7.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWUwMGY1OGEyMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-27.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-akamai-request-id: 729714e
date: Sat, 22 Jul 2023 19:09:08 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230720113046921D5BDF006B490445AD
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-38-99-91.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0126e2be24101de034bf7b06dca3dc41e3a67ff297a003b98f40dd51bdaf7dceb7a222f45b978994493f7edfa86188cc32c42903bfc2f50c6525e0e0c2f9c7ec7126283dda38b9662229ab5eb35ec1447bcd0077b40a6d83d65940e674c3947cb9
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30925

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
692 B 157ms
157ms Ping
text/plain 23.38.98.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWUwMGY1OGEyMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-27.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pt.quizur.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 425bde5e.7297160
date: Sat, 22 Jul 2023 19:09:09 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-91.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
x-parent-response-time: 128,23.38.99.91
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=35, inner; dur=28
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230722190909C665B51976B901FDEBBD
x-cache-remote: TCP_MISS from a23-220-104-212.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49819888) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 35,23.220.104.212
x-tt-trace-host: 01d9080a2d25d242f218926392faff9e6dc5be7f82d7dd6bdfa3b57ba4db7147243b0be47469a2fa744ef221acad53ae80eacb915e0729297c3f0ee3d3381f6fd223074bc3e2602c2e62376dd184d0ad2a20963c26a84fd8a0bed49f1e69743a161e942fde610419b107714067fb8a6df6
expires: Sat, 22 Jul 2023 19:09:09 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 62ms
62ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1411900065792526&ev=PageView&dl=https%3A%2F%2Fpt.quizur.com%2F&rl=&if=false&ts=1690052948988&sw=1600&sh=1200&v=2.9.116&r=stable&ec=0&o=30&fbp=fb.1.1690052948987.1555168315&it=1690052948544&coo=false&rqm=GET

Requested by

Host: pt.quizur.com
URL: https://pt.quizur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 22 Jul 2023 19:09:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2AC9 0
0 74ms
73ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssY4GeOEar3Ps2vq4c3zWrAysBVcPzAPZedokNRDOMfLj29xioPw5r_T_WZ-QT-Uhw1E_svGElgwo6WjHn_C3YDHr5gfF1E5xJl4aYw8vj8pV9NiXSvZJ1w4jwACSh7SwxaV5F9ewHcMe1Af-s1FtDwQ7mI4NS8dIvTAvwzHahw0G5EHqjPAFNEb8DaEUQS-5gpb1vA8r7_yjsts5Y_mwEN__g6Fq3vSOYN4c7MnwLLACFd095Yj2yDgqzqYDx-CAc4FkUzCh4iajCes9nxKuI9mRI90KjNr8tfFzfXBcR0lQJ39TUQ7BXhgIQJxAQBXHfvx-iTVhCogMo&sai=AMfl-YT-S1hdicPsBL1IxHy38v27McJpMrDXePF2YTbgY7TrZCHnSYwR70UBbHQYNTP7-APfiJLfRdxhXfSG2UWzGLUZn3A9_T1_qOTvhLtFu_O_HL6F50uPFTFNbmBLGA&sig=Cg0ArKJSzLwNd5hWGUHvEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: pt.quizur.com
URL: https://pt.quizur.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 tag Show response
a.teads.tv/page/96068/ Frame 2AC9 3 KB
2 KB 152ms
57ms Script
application/javascript 23.218.209.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/96068/tag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076291
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9835347920b604b157902d2e3c2c6f8692a4ad0104d8727f8d39f0e62e5542a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 1278
expires: Sat, 22 Jul 2023 20:09:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2AC9 179 KB
56 KB 49ms
42ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Jul 2023 19:09:09 GMT

GET
DATA 200
OK truncated
/ Frame 2AC9 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ced2f53d5282eeaeaec9c8670f424e5e894a13a51cf65bdb2cce44dfc17ff6a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 693B 6 KB
3 KB 24ms
23ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.quizur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 19:09:09 GMT
expires: Sun, 21 Jul 2024 19:09:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 84ms
23ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: me.jsuol.com.br
URL: https://me.jsuol.com.br/aud/quizur.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 22 Jul 2023 19:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 272
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 22 Jul 2023 21:04:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
80 KB 43ms
40ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L92XFPRQ85

Requested by

Host: me.jsuol.com.br
URL: https://me.jsuol.com.br/aud/quizur.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

78fba82bc698e0644e1f796af93e78a270e0a58768d0d2c17970529122deb851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82045
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 22 Jul 2023 19:09:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
80 KB 42ms
40ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L92XFPRQ85&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNQ8GCX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8efc99f47add42a00d90e8346ecaef977cf00501c5054e5a6dece7d1b94e112a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82135
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 22 Jul 2023 19:09:09 GMT

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 599 KB
131 KB 43ms
43ms Script
text/javascript 23.218.209.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/96068/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d4d6a95e8dd6252c30717fa715d5007ea4c15aa078b6eea84fd74eb8ea5f3310

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
content-encoding: br
last-modified: Fri, 21 Jul 2023 09:08:01 GMT
x-amz-request-id: 4QZ5QB50Z8GY0FVB
etag: "3d22c2849c50b446789dabd396cb91fc"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: d
accept-ranges: bytes
content-length: 133767
x-amz-id-2: M10SQCNuFQ3s8RY0YkjDLKYdU0vQevqgOgrcDHq513gpQCplZk+QZIlczk1n5YnnciJvGo61xX8=
expires: Sat, 22 Jul 2023 19:39:09 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2AC9 0
0 121ms
60ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTxh1PPUdgy3-m9WX5fkJHODlYpHIlh2Uc0ImQiasPfzOZgfWzgQ5jHHtm-zZwjKvhmgZ9zMO4xXB32m9lALefeL_gC7t9wrgBiarfjBgsiBZJstpye4l3q7Lbear7Wh1tpbJKc1R3oM_IQJ8Usrghf5sefAETGYocsZGvi38dX7-FCWnkwH13g0MvlrV2ItAu1byCOtiMpgQUwx6h5q99U_6WnLJjpu1yOFg6q6_56xqZTSMYcKpiI1vNwzYtFSlVKJkDjBQJZxDXAHRtsu9E6l2QcjbM7cGXFPYchDjpRvwkUHTkhSBZxzDq72bk3HgH2n7t8yvblfufCA&sai=AMfl-YSM9c-cwKREDOawo2NwgckPXdGBMC6eL94rFygRfclWtfUCpIGvyYrSCJ4HkxvXm0Ljk3-Y9cOIPb_jmNIa64dp9Dus3zCbp-Er5idR8cdgPqF2eDGg4PJBo_ZShg&sig=Cg0ArKJSzKNCCA-ETBXMEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 22 Jul 2023 19:09:09 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E4B1 624 B
242 B 66ms
64ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiAhMnRATAB&v=APEucNX-1ZTIO06a3uM3F_4StMkKOAYKTp0c6pcRgbKGUuEdiQTQlmtiC58Jt2YnP68979w46w82utFZsUHGhrnCYSPuwjx0HTjMajdkCxW7PIkP1wLlkLJGajTQ6_AHr-2vCCs2Hi-a5JX7Wwp35As9fYDqMejb46QLYQHBbEs5sGCFfQmvoOQ

Requested by

Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 19:09:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 693B 85 KB
29 KB 216ms
153ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29781
x-xss-protection: 0
server: cafe
etag: 4315658989838864570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 22 Jul 2023 19:09:09 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 693B 42 B
401 B 117ms
55ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DQKFqgG6VGknVxbV-t7z4OUVt8we8Qpo2zR3rhn2CzOCv0PqZ5f5PC0OZxT3JZZ60kqts25vs2Bc7IdQ3Pwud7pPcDM5K0QcZOMxrYoERVfvI55vU

Requested by

Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 693B 0
58 B 121ms
59ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14026715434739252576&x=1&ct=76

Requested by

Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1135760/65089104/xbbe/creative/ Frame 693B 256 KB
78 KB 200ms
54ms Script
application/javascript 34.254.206.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1135760/65089104/xbbe/creative/adj?p=APEucNUmvv4pxUyVZEBURwh6Xzm0YkU-yVqLyUdxnUQLPE1hMkXY8qo&d=CokBAKAmf-By5a2XH7hpQDhiGT8OKgbe8SileGamrbA5w06DMVLa2Zt9Co3fIyWv9TSAxxY_ron9xSPyh584E7K_D3x1Ysb32yYSreWVGs6VNmO70bClziDZkp3g-VolWPhe02OIMpm8ebeJpeaBNWezr8f1_jg49F8sIviwoITy-pd6LdabmZECtAkSiRMAoCZ_4ATYQNALFgPWr0Bjlb_DT83uekqEBqpyLYYa2KPZUbXBQd5PVTv_kBU26nK4tZRJMVYcLrtpHOoLfJxz90nCjpii-zCbmRFZ7xgdkL8tFxLVPa8AQ20QFY521Orkfxwi1k5bP0bnsMkWlmLQBWCezmGrO4feof0VxqYwBsO2lCnt7fz7aEKs5soBDb6ri-i_dw9YQBNp2mEGN6eYUcRw_00RrR88wpxZYSesd3M4K-mIJJY3sUqABXYiAmpHTU6aPj6jPPB7b3U_VeCnBZ7N9jd1i8JXHO2DbrTEK2XKa4ZUxJuseCd1XgBuRO2Ic8-erdjmBssYvfAzb9AlozHBE9WaLx9ojE9Es6BsnJR0d0D5JDIyl4BIigOuUOkcnUW2b_rqZs5OblNk48tuwIW23SPvedSqWuj7ZfU1rCIX7Moi30k-VgvViL49KfR-lQdDZPiFEmzrTAOMlyPNVHdzjkuMTtR8Dc_70rnHrpbyBt-dRUulqkdgguarCSz0-oKDqEIVwp3ON_XhNu9QXuDHCjnlUwz0uBM6oiq1KdJgmiqYOuPiPTKlDcojK-EelgVMY3w1IjUWYftl3fpCfDxOxVwae5BBWFC49wSh-zaIupXc6nbLAww_q_pYvim1_sCIZLx7BK8Qq0L2dKvgH8fEOl2IgsjqAZ3_VaHramHDk5B3TIOuI93SjG2b1m80GEWPD3uytMUYu_C8ocWNuCaJLxNvTOZOEb8MctogRYNqOaozZ9twPCwM-w5kN12sjTEwWxflKMNsbHZ8737WqespLMnKjlFAFZfANhX4Yfmfy-caVKvyrA0afdutnQPo_noEKF5MmMwK3RqbSXxmRR4Lyhu-oEDrWkBmLLl5dM2kXI2yvthEuRy32se7UyX05JsxeeWNSYmlwW3KmrMidcTG_cCwsw2IQDVSG-dvEumnxe4g7KbekmYf6Y0yMZUqDDbn2Fap2sFCk9-e_HC-jYC5L0JNseKs3drykmgBN11PbYDqrm43nG8Z9xcrMIz10d_r3IRBoc3jISjBNEn7CaN-5oX_Fg6wFV3pQRrg2R2hAlALQvoMp8V3GUKAtmUHkiT-XSeXLw5wNJKxvS3t61UHtnjFRNh2t1aG9PSyyteQvjuhKXXLu0lssIhHcTMlPJpjLvoyLR6FjsJg8bd3o2QhAdzEyn5FW4lBLGMYgz68UswhqdvrCRklHU6rILhHe7ErH3SJ723NDGBlb68gJgS0iHhTAXFxjOVT8BSAmG-ZfYL3K1d9w3i_7JH97KQH1nGtJfgrV7KMI9o5SR3isdiW3Ttk6XB-dHhC8eOPZvoWubL1ZC2JuOu-v6cTxdmYBFDNR2YnyVRNSFxkyk7O8yKEnCPdquO2zjDJl-4ESucCmFjsb_NXSPREtSeCtgQ1exNwc6yW64LU3OcDiBqTuczR7I-ntGkXDo1KW_nW_DBsfjIwvzslEFrG3d845Mwtg4betnPBp3sThmhopPpk8F3z86ysPjKV9ot8DicqSOqPoSJyb81TMtqXUs90PQfmFigGhvvk_Oq8DWsaoFZciqso1UOIWTUSyJvusLwO_G7y9sWOns1s9zzELbokIrQV6w0fkCQ0Z94Fw_zwdpkjBnSlEOFK4HW4WL_-00dHnEZFHAkFW0ao4KoZvwFMh6zfKXpO2PcQ82MMngVdw9C0CLl8_HTwA5lPoCB7laUfPpNd_Opzd3rW8Gi8gJqTx2iNaDZ_VcJS2Kb4LPTrCAD1quvoDVx9DgioKIqS5eRYRXEuqnlHaLLUK2HA6Ugd3HsS4LkqZykuBWoyrFgRU3EcB1pOQ_gDIvEn6fA_aBD2G5wdmKmqgc3o00PMrGibkHziwHAdowqQOwlpcJth0dn3Bi_KUddo-USUrGkad8fp64tbfQMLAuEg1gDCImH8Hiw6dkVxaMT8lBOp7-eTKRm62Ezp5XNq6qehKfNJr_SnKNXJfGvTce5-wxIi9Fo2IYbsHqtjWT6VEnNMDFiJVV-KuvrRQotR7AInug_4TGNWrXnlaKNYAZ6X_utfW4Rh812u7PvkTArbKT4iREXbiio2pBi3OVd__Za4M4i8v2cFz8CO044Fsl54E0ESMvWHx12BhS-Bh1FmJ7hpCG2zZWcjzOP1BeF3lqvzPzaMZTexWFf6DMH0o336YefTqOz2KAeZdcuHm2j6NnD9yaUFCoWqlAdOkpGcweRWk0M05GurS84dO11jcUkd1cNrt29UyEbKDV0jhpl-zs1vi0KGI0LAeUHoqiguP8IZ6bJ4PLv-qfcInW6dfNXwbMrH7uvVya47V4Jk2oiXx9lYXqfrLoUCIF6FnJNYDhGSek9NiqeZQBEgcEkT6DPZCjwdevdVtBLMI2G6uXaHQ9cUSJUwPErg-3bSji2TCOVwB_aEALtpCBOFVq0w3fywk6VrXbJN3wDsKvvWbhNYfuhyvk1TUN_TRqzqdrmPIknFzZjgpeqmA-PUw38shS8vXk0Knrz221rsx4vJd1z0E6L1LHZKuAUQ1exJdlv071anM-2BWwLs5YNKQ7FcBoIx9g0PKEIUu76-57D55B3dhhpQkBAxxOKb788FjSYAm24EtNFrc4Q4q_gfD85GiOosWRjybdLHGyFqankXbs8yCQ8Pje7jKNFHPiPQqg9F5O9KQOrFZyJ-IbNXjQlI6LHR_ZHEJ85DSOlwOS_OT3dKlOPO4yvcI4LnuvrTJF8-u2U75c8usDsZrP9vnyoZwLzX7E-xMibrYcFiV9Y4kLr6vnxJsr9sgw7L19Jlgn9DCIZ7HsqFMnndNQjLvnQgv3WOdiNExlLrFOvGHoAi4_uGi2hv04kfNYT2RWJfskmILmdaXFlY-pxlaKBFg4rAvrYNK-HnMnNdxNPykXEnWqLJzMCyvK8PzUJ6PKBZIx-2zQ97D4MNy07epsnak_-wMxk_tIZp1rrqYrPJL2bLlCUhI1c4aed1y6KFEGejSvAJI4QHwnOQIlSOz3Mgeqa2C6N3F1qYo7FOq8tIgKHT4ElJlkY376yOTVLo1FMBRC0UuZq4F2bNZ4O-ih6ILqw92iGZZhLMuemt5sEJZTMqXA5qWypiiYARknReaMi76AUG9bGq5HuaUST3esHwOivnxE4t06lNxTbSJw7wvKrmj_5q5pYURLocci5zAcQuHdf_1hL6jRe2_BKvx02L6CcHyqB2A7zkbPc9fl-RrQxUuojLr7kI3geJiRUSL0rl89kh7BdfAppmx35h45wz3ss6DbPL2hpBCAQSOwBpAlJWklNgiJUZyL9-QAVWhfLZutIGNc77Bgjlb99mlWCEi9efxyCEjaXDso93lKD1YH8NB8o1_GO9GAFgAQ&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-2862082324212006&ias_chanId=1&ias_placementId=20163094551&bidurl=https://pt.quizur.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hI73Cv7S1miFyTnqGuMHgm
Requested by: Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.206.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-206-221.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ee1b1378004a61106aae6c322cbf30758060ac6b98d44de007c727262fba5f5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:09 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 693B 3 KB
1 KB 86ms
24ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 09:33:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Aug 2023 09:33:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 693B 20 KB
9 KB 84ms
22ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 22:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74997
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Aug 2023 22:19:12 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 693B 0
0 30ms
29ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS9f0zZrU8DkQrZmeKt_Umlq4aHuZCr7V9BpALY1oROcv0u_IVpEaZ7sQaTd2t0HEc8iAguykAl23Ox-lzkt9GdgmbK_w
Requested by: Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 693B 179 KB
56 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Jul 2023 19:09:09 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 18D4 0
0 61ms
61ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQ4rX1WCxPQ3mOek1LGM7nH8IqOg1KkMt7PGlebhRUaB2c0ekfmhJ54YcqEk4eQ5KcqfCymB_6OV6kAKI7ogjUgpzpGevK0ZzE2ycsaRhseejK2cy-S6ke5_rGBu78VWCQikN3xACZbWbtZRUvv6PFMSUHDG5ZPuP42yq7pp5FILUOgMBQWOerxvoVSTnaqYld6nPurYp5kstAZnesBxbyLDXQ4SpW1aZG-aA0sMoU0Y1FH5lcKqR3qP-9zcaDnmrM5D-0RRMbrhV43l-jwjyUUXE2p_dmsDYB77ChdYWW753l3R_7qnzyBeMiXmKusfTZlYgGaffmZa8hwywhT3QAfLIgawo3EQ&sai=AMfl-YTT47kujp4uZefYYGl5d9N_rdM8RF_hZN-LBQnADCmMezrsszJ4XMpkffm76Ob2hWBdg3OUu04eETJuaUjvj8Y_p2iv8bphvx7dG4CLvLfbSNOP7Te_fCc4HvFtLw&sig=Cg0ArKJSzGnCw9lOHSfuEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: pt.quizur.com
URL: https://pt.quizur.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 2b4226dd7ed6eb2d419b881f3ae9c97c.js Show response
scripts.cleverwebserver.com/ 131 KB
48 KB 116ms
36ms Script
application/javascript 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/2b4226dd7ed6eb2d419b881f3ae9c97c.js
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ab5d91abeb5c5417de80b6017495068086b5fddb6140094286d865b5c6a4b29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
x-amz-version-id: 0H7in872X7eeAtnDAmrAEHbe4obLH9rv
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 17 Jul 2023 10:24:22 GMT
server: cloudflare
x-amz-request-id: BM4RA79Q0PPKDEM6
age: 171
etag: W/"248879829f79ad8c9a6f18163cecb413"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 7eadf9f5ad923643-FRA
x-amz-id-2: 5MPajYBsk240I5dZsfDa6u+sg3rLglKbFB0PBAR3+Gjjo1uQ1CjqO3jXWnqwOod/dPsg+WBy8qU=
expires: Sat, 22 Jul 2023 19:39:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 18D4 179 KB
56 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076291

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Jul 2023 19:09:09 GMT

GET
H2 200 5728-2729-01.js Show response
t.seedtag.com/t/ Frame 50D1 46 KB
14 KB 122ms
52ms Script
application/javascript 104.18.131.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/t/5728-2729-01.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076291
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.131.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa1587d845d642921dab9754e8e358e64a182975a26dd796509cca0797f1429f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"b6db-KqWCkjOkq3AKihtZzO6FqwXWnko"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1200
cf-ray: 7eadf9f5a9265b44-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 22 Jul 2023 19:29:09 GMT

GET
DATA 200
OK truncated
/ Frame 50D1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10e4293d18242bc7e51b1bf869705da8ff6a7452215cf49120ad8c0251203e6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 50D1 0
26 B 61ms
60ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOyUCQisH74EVQdSdhheXiSV_cvb4_FQsenx-7nmIHqWB1gyrLoTvBUBa7el4yRtaANhAqIrhmVCJob9bweLKB9stw9Sf5G-XBPgGFthHsqjBAGl1h12DE4gWZxsxjxDKhxqh4GWvyM83ZGPcHNbL-T8MtZxEir2tZ4Xl0UTrnwi-WRgQMQG6Lm9c6qtebOekVpCV5XOqgMgLSf6affSDk0LMbypeO8ZeWx883dJZkSyg7lJbLr0TDiZ3BRm987Fs00q6fkNXS1tCA6OJ6YWljiKhDu9awXYR84pAJPzKRBV6cjpm3ROlbYxqVSqbiyIXVaaZmQIsYS-2I2-Yl&sai=AMfl-YSoMv3zGCT88-mIA6aFwtlHVlGixU5f_qlNtYIVZsNuX2XIelqzIi-Sln3cUvAgd_gVwm3dMu1WxSJsozSTizrb5YVvdNpOsGgEtBgd6BR41T8mWjXQwS4kwCM4-aw&sig=Cg0ArKJSzK0Z2YJB7rYEEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: pt.quizur.com
URL: https://pt.quizur.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 8167.js Show response
cnt.trvdp.com/js/1753/ Frame 5BF9 8 KB
3 KB 150ms
36ms Script
application/javascript 99.86.91.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cnt.trvdp.com/js/1753/8167.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076291
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-28.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37ad101c490fae96d00dc387153203db797f14cd794de6d6d8bd10f152b6a80b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 16:42:03 GMT
content-encoding: br
via: 1.1 b1ad21a1c87634925e5dc35bca5ca612.cloudfront.net (CloudFront)
last-modified: Sat, 22 Jul 2023 16:34:48 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-C1
age: 8827
etag: W/"4983838b54eb8cc7d2524cae3898eff8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: q2EkVi1kYEJLZB_NBZX1Yu0zaYMULWtW9-BMrP5xssqjOStJTBbMMA==

GET
DATA 200
OK truncated
/ Frame 5BF9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b193e3573fed36718b19384adb92f93e1d0e9ac5bba53766b04fc7eb98bee9ce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5BF9 0
26 B 71ms
64ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsui7Ea-Oo3z0l-KZII5McKTRnshc0XwkfduccYId6KUg4BLxuC1MkhpRe3KNlwlhI9Q4ZT0fcKp-r2rzooJ-p39pvSfHjoGMgWwmVTbGKWriaReszrxEd2xAvT13VYs5O1okw5Vo4WhNbrez4vEPzY0CsVJJObuKZTlbZQIHBei3ABawBb0FRd1w21-1TslA0VSsmk3L2N0jbtttTeOS3w1XFQW0kQrwm9AmalopXQ28sNF9tXYyQ5yQtF9mG2_-JFwUf2AJyaQF7fuyDjcFRxXMHMQe5ojtS3C5D4tmo_lOdbwP3_EtO_7KPY8OkYvbAV_-nUHxsZwT2O9o-2C&sai=AMfl-YQqtLDGhvhnWSAA3o5cW3c2eSV2VnsPYoKrQQP0ZdX7LvrvY5KEBYvrDIUqzwnLXAlVrRVrjL7EnkoLaefxl-MOzecBeymlBJcIti2p-XgQZlmbFEkZNvq8xifut6Q&sig=Cg0ArKJSzAnkCCBwdfA3EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: pt.quizur.com
URL: https://pt.quizur.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E4B1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF_lHCmDPbJNo6cV1L6HTGo&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF_lHCmDPbJNo6cV1L6HTGo&google_cver=1&C=1

43 B
766 B

27ms
26ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF_lHCmDPbJNo6cV1L6HTGo&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiAhMnRATAB&v=APEucNX-1ZTIO06a3uM3F_4StMkKOAYKTp0c6pcRgbKGUuEdiQTQlmtiC58Jt2YnP68979w46w82utFZsUHGhrnCYSPuwjx0HTjMajdkCxW7PIkP1wLlkLJGajTQ6_AHr-2vCCs2Hi-a5JX7Wwp35As9fYDqMejb46QLYQHBbEs5sGCFfQmvoOQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Jul 2023 19:09:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 22 Jul 2023 19:09:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEF_lHCmDPbJNo6cV1L6HTGo&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E4B1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZLwpVTvthcwJXB2pSXAVpAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF_lHCmDPbJNo6cV1L6HTGo&google_cver=1

43 B
766 B

27ms
27ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF_lHCmDPbJNo6cV1L6HTGo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiAhMnRATAB&v=APEucNX-1ZTIO06a3uM3F_4StMkKOAYKTp0c6pcRgbKGUuEdiQTQlmtiC58Jt2YnP68979w46w82utFZsUHGhrnCYSPuwjx0HTjMajdkCxW7PIkP1wLlkLJGajTQ6_AHr-2vCCs2Hi-a5JX7Wwp35As9fYDqMejb46QLYQHBbEs5sGCFfQmvoOQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Jul 2023 19:09:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF_lHCmDPbJNo6cV1L6HTGo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame E4B1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJcuRbIhQzJho-lo1evEKq4&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJcuRbIhQzJho-lo1evEKq4%26google_cver%3D1

43 B
891 B

30ms
29ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJcuRbIhQzJho-lo1evEKq4%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARiAhMnRATAB&v=APEucNX-1ZTIO06a3uM3F_4StMkKOAYKTp0c6pcRgbKGUuEdiQTQlmtiC58Jt2YnP68979w46w82utFZsUHGhrnCYSPuwjx0HTjMajdkCxW7PIkP1wLlkLJGajTQ6_AHr-2vCCs2Hi-a5JX7Wwp35As9fYDqMejb46QLYQHBbEs5sGCFfQmvoOQ

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:09 GMT
an-x-request-uuid: 7c38f656-16ac-48f5-b4ef-572a37626c23
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.165; 84.19.175.165; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:09 GMT
an-x-request-uuid: a11426a5-6be7-4803-bf7c-b6016f19256f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJcuRbIhQzJho-lo1evEKq4%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.165; 84.19.175.165; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E4B1
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1MjkzMTg2OTMyNzA5OTM4MA%3D%3D

170 B
243 B

34ms
33ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1MjkzMTg2OTMyNzA5OTM4MA%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:09 GMT
an-x-request-uuid: 2d8e5053-39c1-473e-9c36-d8dae4370c41
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjI1MjkzMTg2OTMyNzA5OTM4MA%3D%3D
x-proxy-origin: 84.19.175.165; 84.19.175.165; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 mercurio.js Show response
tm.jsuol.com.br/modules/ Frame 5913 4 KB
2 KB 30ms
29ms Script
application/javascript 2600:9000:244f:6e00:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/mercurio.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/mercurio.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:244f:6e00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.23.0 /
Resource Hash: 1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:24:04 GMT
content-encoding: gzip
via: 1.1 6bbb2da0f4f203dadcd8f0ae1073d674.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P4
age: 2705
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 1065
last-modified: Thu, 15 Jun 2023 09:26:09 GMT
server: marrakesh 1.23.0
etag: bed0a7a707f166936e5aaac09879d050
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: ZQjDQgJizdguMjgYzSUTosJibw7DNQk9Ayzr9A8UuFGwHDaDd42gyw==
expires: Sat, 22 Jul 2023 19:24:04 GMT

GET
H2 200 wigo-no-slot Show response
sync.teads.tv/ Frame F6CA 325 B
477 B 79ms
55ms Document
text/html 23.218.209.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/wigo-no-slot
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59

Request headers

Referer: https://pt.quizur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 325
content-type: text/html; charset=UTF-8
date: Sat, 22 Jul 2023 19:09:09 GMT
expires: Sat, 22 Jul 2023 19:09:09 GMT
pragma: no-cache
server: akka-http/10.2.10

GET
H2 200 track
t.teads.tv/ 23 B
104 B 308ms
60ms Image
image/gif 23.212.89.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=08f5e41a-ea8e-43b5-a49a-49a9d2152e4d&pageId=96068&pid=103998&debug_metadata=yxiSLN9bef&fv=1223&ts=1690052949428&f=1&referer=https%3A%2F%2Fpt.quizur.com%2F
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
134 B 310ms
62ms Image
image/gif 23.212.89.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=noSlot-selector&env=js-web&auctid=08f5e41a-ea8e-43b5-a49a-49a9d2152e4d&pageId=96068&pid=103998&fv=1223&ts=1690052949434&f=1&referer=https%3A%2F%2Fpt.quizur.com%2F
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.89.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-89-35.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Sat, 22 Jul 2023 19:09:09 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 18D4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72027accaba5d89b36e87c380ccafb5f09422215e9d3f84fa83009abfeb8f67f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 18D4 0
0 63ms
62ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsse_lg5PmB7omE77XORvm5xgLNd6yS0rs0wmcagHZWLt1M_3SQs0shp8cgk4N-nZaYkiO1DW_GfUfEJg7K8XVp36W6ogbUsMyA9QZ0CEUmGzvyZDLwHL2jVPgxP_WTI38hSp0k8waJH5SeSVumH7BuLv91MPkH3ExcBLepEkd5pXRVYUtkB1uWYAJWqaY84NP2RjCyfLjxsMBAIYjyqNWU7JMFJ0960IwrXBlAJSaiGSfobzERzPYhLwW1tMFB7LEdh0wrjbUeO4KiLOS1O05D4rjyl_B9bBRjyyBl0mh1stBKtAkV-R6461n9zqVVdyo1LKc1Bam7Iq36ImQ&sai=AMfl-YSzDPbl1V8htnIFIpveP-7Rhem367wZkUsu1qJQ7Lw8X2-QKyi04_BKAXE0rTek-PtE9FzCEAY1x-k86HLKyaom6tXYgnxwc4eKTo9hAr-QqiXIoBZIVjKGNauUeA&sig=Cg0ArKJSzNeZTxemsw6zEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 22 Jul 2023 19:09:09 GMT

GET
H2 200 / Show response
ui.cleverwebserver.com/ 160 B
197 B 60ms
42ms Script
application/javascript 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19f98edad3fa892172e991f5acad33558c5ba977c7eb9f14870e9c1f81b7836d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7eadf9f68ee63643-FRA
content-type: application/javascript

GET
H2 200 5728-2729-01.js Show response
t.seedtag.com/t/ 46 KB
14 KB 30ms
29ms Script
application/javascript 104.18.131.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/t/5728-2729-01.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/5728-2729-01.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.131.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa1587d845d642921dab9754e8e358e64a182975a26dd796509cca0797f1429f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 0
etag: W/"b6db-KqWCkjOkq3AKihtZzO6FqwXWnko"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1200
cf-ray: 7eadf9f669d95b44-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 22 Jul 2023 19:29:09 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 693B 0
56 B 56ms
55ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3883838268369&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 693B 0
56 B 55ms
55ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3883838268369&version=m202306200101&ct=76&x=1&cor=14026715434739253000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 693B 16 KB
12 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CI9T-yXNZvIuhVSSwq0P6AE7sKpVCAi3u9BdSWoBk1HnWq-f4Dhi5VriZhnaEm-cS69N7y549LpeKiz__mPMCSof1S53u_wb4DfBsRPPXh3pAN5liCM9R5Id7i9h90aCqhXCkf_IW7HLyPuSI9nmlcc8xygN01fadMBSuLkh3LAjUb-cg&cry=1&dbm_d=AKAmf-ClEu62p8BEZDShmQBkSdCvQNdPPEZwXYLm11Ai_hfCxYQ2a-yi9lfvyNQvxtXfCMmKM3uCo19___MCGEg3v4AyFxU7oWOVGQYr_1viGnoDLKIxYdupjczNTaKIRhq-pCxMyEoPpm1FZnEELEl2-s5NXe2zEET7MEpE6lyLZhmZb6quR8ZgHnz6_Np-afu6yiOTJySdVKd8zxLn327i9q0egGtUmhVb45bvIBP10E8kJoa2N9HU0YeYb6kxaLoD67V4zwHXM6aAwb0I9SAfklrYHjIP6vZsJU-Cz1yns0Uz98F8npw9eVE7vq54a660RfXA7-VMnpP9bvbOchM5nTAt7pktQrrrMFAEdGlVG5TGLFjeP2qafuK0k71GevekXiNPhZ9i5WF58x65VZPyMO0cwTNHF8TJ6jUJDjWfKW5nb6veXJvHvWwobZFqnq1LW5WIMAd6qplJx08TO7B0o3A_6nXmfiLu0IVAISrVS81soGoQrPPStHGnY2ZyWg4RH_gdVXOnvImMg9Q0QvzsKnVJWt9BXzHy6c28uszfu0M7MWC19s2YctxBBgC-oiRI7YjGCx-Jw2_rKbMLNjuq6kg6vwZhF2enfqigo_YBHWVO9X8n4qCwfbfc-b1snzIhqcB8HdxejPuSMjrbIosP0bezstSWd8Opj3bk2dibOiukzBEnmuYBaCXbT0j6ayQ6ZLuc1yAzymjgtQos0qzv9-_GAIbuXgptXZfncUZXu6XL8qCknPQg6g0aIRrPq19fMB10eccPIb6GUL0XWLb2By75nszLWg9eFTyziWidcnDt9HhXPQsi_xssjtxac4ugkWdirMvwKAWypHA1OQm-7U2ZvwXkxbzYvrWY81AGKI9Ot5RAqhdFblVpqWtnFS6iIioHFAI1xe-OHdqOYXsm_r9HZonCbjDD4w9duAEfNkFLMiVb3LW-kHpq7oO1UgGoHUDUA2xuTo-lmZ19ruIwzAXPOkvDg5P_qs8MeGdNM04nZdzEc6caoF-flaW9hswmmqo4-Jomq80XOYOtePTsn6_9OWVpyUHhtnugJdbltVgX-l4EfWVq1WTrBCSLbWXt5XYPHATlEiEcTIyec3Wg6CmM7z1mzViE5_kUinWnJ5qgx077-WnIxXCFBOXkqMvkNmQXdjWGKi6LPCCOMSAbhaNuRGL-QXTAmuWElg-VsGn3c5fEXAxQ4fYHlbQwI9V2grFMjuIPsTXcQn0DsBvbrTloGM5DLiM4ivKXKOGznfafggpRc-_Q0Z_if4ByViafvySEUHEtebqbAYausFTxzK_tayqwrXsV2XitRWTX5VhE8SUlNGCEmLuxubWLH98Cl4MC7GfLPxooeuw6xeDWthNsDA_H6vxCFMZPUXyf9etKe1pyRb1uV9vbhBD4m_FKK67EiwYs4As0AvxgMSHS-Of08zXvQxXw8rjKYxAQm2zFrMQfNFdONfT35Ptt23-e0uSOJ7_eYsIM-KhiZ-hzNYBGwwTCuEBuW3dddzRJfemfDQ59Zs43aVrMkV20Ptd9uYQCQNQjld64L_mdSTDqFGxxrBv9-CtKFajVyith94Vp3KwJVrr7GX_JE4OtAxpw2tMCELUsnxnXoOrffdKdNUelAUvJ1ayY89Por7L4RgsseaDLbp4Kaf0WIUfHkBF2hP-ylaQHs3AgxxdGd_Dy_gY5RY50E_aNroSnbnccTnpUL61JhHnkLj07Q8ePhPQ4GBe23S5Z7_C2xzF_MgLqk4lBfYlxBk7zr1xCF4lxdF4U8Cn9u2PIP1rk9nUQCoem-3ycnIP-k_j4bzfj5Q8qdSsXta3s0ee1o1clF_CqXkn3dUQ-jme_nIj1yfKsIYM2VtgaVQuZGtYxPkZRKXxHqY1Bar8Hi_kDtm6y5V8pvmcEkrx-GreBfGPS_yVF96AQtcnKbcvcIadRlvNLWxNIvllEr3eDR8lJLs7TxZK9dU0BQsDiQt54CzUiQ8ULy0400M-vmehEGUvZusIosQHiBnEj1Uy1jjzoo_5qtqrW4Cxld2hFCtaqCQtryWIiilBRFX-natLRjNnsXtk14hmgbSJg97eKBhqj9Dbbw87prMyoIM_EBy3dQ2MLigpaHiUU9w6jGWpmatt7v8uIO7LHm4l1gnKaemD7qMKZ-4hJA_eDDrNREzcp3Fb2wzF5XuQQ4cyXkeWgXt7mXtC7dm7YZGshBKsrpYuvL6aTR8W9AiHA4uGnP8ZiKkyVV1nnJ7oErJC5jAkJqmyz1HOWyn7zJDyIwLEfMKEUu5jiyjFHhH4WhUX-4yPeDQIjfjqYLdE6fB5FUMJWm4QCSxgljerkeDSKiloQBFVlTL0Ao8-LIchVFtBS5Q7d1VY3RLNjD5KRgXt1byJpm5iGcHaIftgeX5845uEasHbdrX_hD3VDuiCWPy3ZZC1f7-eBrANsMFhV1ZsFw1hEqcs72GZgdjSkTsU61TcJRE8NOWFISiwfdu7wazghOJn83DVMn3hbRQnm-QzPzIV6xWfpGR6ujTKf8-P8dBFMoCQffSfzDjVc6y6tSnlMv-qhuTw98dhLgTJajEIiV6-H2ZpI5obO4Ce-oNRJsfY4dXJpWxVaXL6ZOPcAIgOqQkHiAzF_TQAQ57zpqxSCsuOv1sn8zZ73vXJ8YhAkkfPb7mFfQAbuJytdQeaL9WpnO9dHFxPqSc_TgOMhKrlJYiGdswRkidTQLqyB6h0Zo5iyO1NjeL0BEA9MrapzVmTWtKWWwKUCxrcMIkV5v9Zq-xpTaWYlJqkYtFL7xmbgNaMsdYj-3Xx7GURXhuu1Uu4QaYRbrApIh5pIGMZoHadDvKS-wcrCTpYEqWIZ_cQDnbwWXg&cid=CAQSOwBpAlJWklNgiJUZyL9-QAVWhfLZutIGNc77Bgjlb99mlWCEi9efxyCEjaXDso93lKD1YH8NB8o1_GO9GAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fpt.quizur.com%2F&ds=l&xdt=1&iif=1&cor=14026715434739253000&adk=2086295851&idt=234&cac=0&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b96141330555c0bdb76b20069c61146556d8d6d411ba9ed0ac70bf1b0e6db7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11930
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame B68D 0
18 B 21ms
21ms Document
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: pt.quizur.com
URL: https://pt.quizur.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://pt.quizur.com
Referer: https://pt.quizur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://pt.quizur.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 19:09:09 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 st_1.a48d6721f9bac3e3c85a.js Show response
t.seedtag.com/c/ 59 KB
18 KB 31ms
31ms Script
application/javascript 104.18.131.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_1.a48d6721f9bac3e3c85a.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/5728-2729-01.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.131.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 708b8908f8f220a38470eb3cc2bdb82a0dca2d0e9c95ee11e221fb27e5330e9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 26623
x-guploader-uploadid: ADPycdskpgk5xlHc5ciKyx50ai_DjZUdU27_xSj9fGIPN6RRUNxt_zh8PTdjPzGQ5-G7chRvylAMqkQk74sej6mZLg-2ZvsWt4W3
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 19 Jul 2023 11:45:19 GMT
server: cloudflare
etag: W/"fc089fb74fc7298f99a7ee3c1c5bb612"
vary: Accept-Encoding
x-goog-generation: 1689767119108378
content-type: application/javascript
x-goog-hash: crc32c=m6os0g==, md5=/Aift0/HKY+Zp+48HFu2Eg==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 17599
cf-ray: 7eadf9f6cb132c7b-FRA
expires: Fri, 22 Sep 2023 19:09:09 GMT

GET
H3 200 st_0.236e5bfa3ae0006ebe29.js Show response
t.seedtag.com/c/ 310 KB
88 KB 53ms
52ms Script
application/javascript 104.18.131.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_0.236e5bfa3ae0006ebe29.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/5728-2729-01.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.131.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d03c6840e4b03d791b6417fac83d8dc7569f4591c4d6d3b418c53facfaaed34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 26623
x-guploader-uploadid: ADPycdsW5pANRvaUCLOVH1yCIhny-2PbT6LFXNjRrKfAn-knj_VXiSlC9nIdKfJPSF1gyx2gZTWu8KP5UnQgLxCWQ6uOfsSrz6TZ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 19 Jul 2023 11:45:19 GMT
server: cloudflare
etag: W/"5a4d63c007b3ff2bd1728d525cda8203"
vary: Accept-Encoding
x-goog-generation: 1689767119074159
content-type: application/javascript
x-goog-hash: crc32c=eiVXPg==, md5=Wk1jwAez/yvRco1SXNqCAw==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 90984
cf-ray: 7eadf9f6cb162c7b-FRA
expires: Fri, 22 Sep 2023 19:09:09 GMT

GET
H3 200 st_2.1317d66e6bc0a7363589.js Show response
t.seedtag.com/c/ 5 KB
2 KB 30ms
29ms Script
application/javascript 104.18.131.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_2.1317d66e6bc0a7363589.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/5728-2729-01.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.131.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2298ef750e255774e128e89785ea60aeb46e21e573c9c0a1d5057df155dd0b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 26623
x-guploader-uploadid: ADPycduwIHQGHvEFy8SG6D1j4nTxZQhLgf5OL7hZiEuD9STF_q3GTGuCvChoS_mwCPKflpYrDNstbbk4V8KesHXJwzmNCA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 19 Jul 2023 11:45:20 GMT
server: cloudflare
etag: W/"db41a1226f879fb7e2c603a4c962a0db"
vary: Accept-Encoding
x-goog-generation: 1689767120124056
content-type: application/javascript
x-goog-hash: crc32c=iFK+NA==, md5=20GhIm+Hn7fixgOkyWKg2w==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 1840
cf-ray: 7eadf9f6cb192c7b-FRA
expires: Fri, 22 Sep 2023 19:09:09 GMT

GET
H3 200 st_3.6f0a58169bce5d640010.js Show response
t.seedtag.com/c/ 50 KB
14 KB 95ms
94ms Script
application/javascript 104.18.131.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.seedtag.com/c/st_3.6f0a58169bce5d640010.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/t/5728-2729-01.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.131.145 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15bc1f3ab8a136d1074f164aec63c58b1c15404b56e80b079dd80dafb334d7e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 26623
x-guploader-uploadid: ADPycdv_GaWxdidxwkUy4WclC1vHuKXlHD_1ykSd3L7TjWluzdB5iQv3skNLIDiHj704UvBXlCThcLzuyi2AJJr-MAHYsqhcTVEb
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 19 Jul 2023 11:45:19 GMT
server: cloudflare
etag: W/"803c9efb3756f4558173bac4ee78193e"
vary: Accept-Encoding
x-goog-generation: 1689767119804941
content-type: application/javascript
x-goog-hash: crc32c=S6Dj7A==, md5=gDye+zdW9FWBc7rE7ngZPg==
cache-control: public, max-age=5356800
x-goog-stored-content-length: 13528
cf-ray: 7eadf9f6cb1a2c7b-FRA
expires: Fri, 22 Sep 2023 19:09:09 GMT

GET
H2 200 /
call.cleverwebserver.com/ 43 B
105 B 67ms
52ms Image
image/gif 2606:4700::6812:18f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://call.cleverwebserver.com/?id=60000&c=DE&r=null&l=62&b=Chrome&os=Win10&mob=0&v=1.44.2&ref=aHR0cHM6Ly9wdC5xdWl6dXIuY29tLw%3D%3D&ruri=&iv=-1&ctr=DE&sz=1200
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7eadf9f6ef793643-FRA
content-length: 43
content-type: image/gif

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 693B 41 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CI9T-yXNZvIuhVSSwq0P6AE7sKpVCAi3u9BdSWoBk1HnWq-f4Dhi5VriZhnaEm-cS69N7y549LpeKiz__mPMCSof1S53u_wb4DfBsRPPXh3pAN5liCM9R5Id7i9h90aCqhXCkf_IW7HLyPuSI9nmlcc8xygN01fadMBSuLkh3LAjUb-cg&cry=1&dbm_d=AKAmf-ClEu62p8BEZDShmQBkSdCvQNdPPEZwXYLm11Ai_hfCxYQ2a-yi9lfvyNQvxtXfCMmKM3uCo19___MCGEg3v4AyFxU7oWOVGQYr_1viGnoDLKIxYdupjczNTaKIRhq-pCxMyEoPpm1FZnEELEl2-s5NXe2zEET7MEpE6lyLZhmZb6quR8ZgHnz6_Np-afu6yiOTJySdVKd8zxLn327i9q0egGtUmhVb45bvIBP10E8kJoa2N9HU0YeYb6kxaLoD67V4zwHXM6aAwb0I9SAfklrYHjIP6vZsJU-Cz1yns0Uz98F8npw9eVE7vq54a660RfXA7-VMnpP9bvbOchM5nTAt7pktQrrrMFAEdGlVG5TGLFjeP2qafuK0k71GevekXiNPhZ9i5WF58x65VZPyMO0cwTNHF8TJ6jUJDjWfKW5nb6veXJvHvWwobZFqnq1LW5WIMAd6qplJx08TO7B0o3A_6nXmfiLu0IVAISrVS81soGoQrPPStHGnY2ZyWg4RH_gdVXOnvImMg9Q0QvzsKnVJWt9BXzHy6c28uszfu0M7MWC19s2YctxBBgC-oiRI7YjGCx-Jw2_rKbMLNjuq6kg6vwZhF2enfqigo_YBHWVO9X8n4qCwfbfc-b1snzIhqcB8HdxejPuSMjrbIosP0bezstSWd8Opj3bk2dibOiukzBEnmuYBaCXbT0j6ayQ6ZLuc1yAzymjgtQos0qzv9-_GAIbuXgptXZfncUZXu6XL8qCknPQg6g0aIRrPq19fMB10eccPIb6GUL0XWLb2By75nszLWg9eFTyziWidcnDt9HhXPQsi_xssjtxac4ugkWdirMvwKAWypHA1OQm-7U2ZvwXkxbzYvrWY81AGKI9Ot5RAqhdFblVpqWtnFS6iIioHFAI1xe-OHdqOYXsm_r9HZonCbjDD4w9duAEfNkFLMiVb3LW-kHpq7oO1UgGoHUDUA2xuTo-lmZ19ruIwzAXPOkvDg5P_qs8MeGdNM04nZdzEc6caoF-flaW9hswmmqo4-Jomq80XOYOtePTsn6_9OWVpyUHhtnugJdbltVgX-l4EfWVq1WTrBCSLbWXt5XYPHATlEiEcTIyec3Wg6CmM7z1mzViE5_kUinWnJ5qgx077-WnIxXCFBOXkqMvkNmQXdjWGKi6LPCCOMSAbhaNuRGL-QXTAmuWElg-VsGn3c5fEXAxQ4fYHlbQwI9V2grFMjuIPsTXcQn0DsBvbrTloGM5DLiM4ivKXKOGznfafggpRc-_Q0Z_if4ByViafvySEUHEtebqbAYausFTxzK_tayqwrXsV2XitRWTX5VhE8SUlNGCEmLuxubWLH98Cl4MC7GfLPxooeuw6xeDWthNsDA_H6vxCFMZPUXyf9etKe1pyRb1uV9vbhBD4m_FKK67EiwYs4As0AvxgMSHS-Of08zXvQxXw8rjKYxAQm2zFrMQfNFdONfT35Ptt23-e0uSOJ7_eYsIM-KhiZ-hzNYBGwwTCuEBuW3dddzRJfemfDQ59Zs43aVrMkV20Ptd9uYQCQNQjld64L_mdSTDqFGxxrBv9-CtKFajVyith94Vp3KwJVrr7GX_JE4OtAxpw2tMCELUsnxnXoOrffdKdNUelAUvJ1ayY89Por7L4RgsseaDLbp4Kaf0WIUfHkBF2hP-ylaQHs3AgxxdGd_Dy_gY5RY50E_aNroSnbnccTnpUL61JhHnkLj07Q8ePhPQ4GBe23S5Z7_C2xzF_MgLqk4lBfYlxBk7zr1xCF4lxdF4U8Cn9u2PIP1rk9nUQCoem-3ycnIP-k_j4bzfj5Q8qdSsXta3s0ee1o1clF_CqXkn3dUQ-jme_nIj1yfKsIYM2VtgaVQuZGtYxPkZRKXxHqY1Bar8Hi_kDtm6y5V8pvmcEkrx-GreBfGPS_yVF96AQtcnKbcvcIadRlvNLWxNIvllEr3eDR8lJLs7TxZK9dU0BQsDiQt54CzUiQ8ULy0400M-vmehEGUvZusIosQHiBnEj1Uy1jjzoo_5qtqrW4Cxld2hFCtaqCQtryWIiilBRFX-natLRjNnsXtk14hmgbSJg97eKBhqj9Dbbw87prMyoIM_EBy3dQ2MLigpaHiUU9w6jGWpmatt7v8uIO7LHm4l1gnKaemD7qMKZ-4hJA_eDDrNREzcp3Fb2wzF5XuQQ4cyXkeWgXt7mXtC7dm7YZGshBKsrpYuvL6aTR8W9AiHA4uGnP8ZiKkyVV1nnJ7oErJC5jAkJqmyz1HOWyn7zJDyIwLEfMKEUu5jiyjFHhH4WhUX-4yPeDQIjfjqYLdE6fB5FUMJWm4QCSxgljerkeDSKiloQBFVlTL0Ao8-LIchVFtBS5Q7d1VY3RLNjD5KRgXt1byJpm5iGcHaIftgeX5845uEasHbdrX_hD3VDuiCWPy3ZZC1f7-eBrANsMFhV1ZsFw1hEqcs72GZgdjSkTsU61TcJRE8NOWFISiwfdu7wazghOJn83DVMn3hbRQnm-QzPzIV6xWfpGR6ujTKf8-P8dBFMoCQffSfzDjVc6y6tSnlMv-qhuTw98dhLgTJajEIiV6-H2ZpI5obO4Ce-oNRJsfY4dXJpWxVaXL6ZOPcAIgOqQkHiAzF_TQAQ57zpqxSCsuOv1sn8zZ73vXJ8YhAkkfPb7mFfQAbuJytdQeaL9WpnO9dHFxPqSc_TgOMhKrlJYiGdswRkidTQLqyB6h0Zo5iyO1NjeL0BEA9MrapzVmTWtKWWwKUCxrcMIkV5v9Zq-xpTaWYlJqkYtFL7xmbgNaMsdYj-3Xx7GURXhuu1Uu4QaYRbrApIh5pIGMZoHadDvKS-wcrCTpYEqWIZ_cQDnbwWXg&cid=CAQSOwBpAlJWklNgiJUZyL9-QAVWhfLZutIGNc77Bgjlb99mlWCEi9efxyCEjaXDso93lKD1YH8NB8o1_GO9GAE&dv3_ver=m202306200101&rfl=https%3A%2F%2Fpt.quizur.com%2F&ds=l&xdt=1&iif=1&cor=14026715434739253000&adk=2086295851&idt=234&cac=0&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 21:41:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 250065
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Jul 2024 21:41:24 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 693B
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1135760/65089104/xbbe/creative/adj?p=APEucNUmvv4pxUyVZEBURwh6Xzm0YkU-yVqLyUdxnUQLPE1hMkXY8qo&d=CokBAKAmf-By5a2XH7hpQDhiGT8OKgbe8SileGamrbA5w06DMVLa2Zt9Co3fIyW...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUmvv4pxUyVZEBURwh6Xzm0YkU-yVqLyUdxnUQLPE1hMkXY8qo&d=CokBAKAmf-By5a2XH7hpQDhiGT8OKgbe8SileGamrbA5w06DMVLa2Zt9Co3fIyWv9TSAxxY_ron9xSPyh584E7K_D...

70 KB
24 KB

169ms
79ms

Script
text/javascript

108.177.15.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUmvv4pxUyVZEBURwh6Xzm0YkU-yVqLyUdxnUQLPE1hMkXY8qo&d=CokBAKAmf-By5a2XH7hpQDhiGT8OKgbe8SileGamrbA5w06DMVLa2Zt9Co3fIyWv9TSAxxY_ron9xSPyh584E7K_D3x1Ysb32yYSreWVGs6VNmO70bClziDZkp3g-VolWPhe02OIMpm8ebeJpeaBNWezr8f1_jg49F8sIviwoITy-pd6LdabmZECtAkSiRMAoCZ_4ATYQNALFgPWr0Bjlb_DT83uekqEBqpyLYYa2KPZUbXBQd5PVTv_kBU26nK4tZRJMVYcLrtpHOoLfJxz90nCjpii-zCbmRFZ7xgdkL8tFxLVPa8AQ20QFY521Orkfxwi1k5bP0bnsMkWlmLQBWCezmGrO4feof0VxqYwBsO2lCnt7fz7aEKs5soBDb6ri-i_dw9YQBNp2mEGN6eYUcRw_00RrR88wpxZYSesd3M4K-mIJJY3sUqABXYiAmpHTU6aPj6jPPB7b3U_VeCnBZ7N9jd1i8JXHO2DbrTEK2XKa4ZUxJuseCd1XgBuRO2Ic8-erdjmBssYvfAzb9AlozHBE9WaLx9ojE9Es6BsnJR0d0D5JDIyl4BIigOuUOkcnUW2b_rqZs5OblNk48tuwIW23SPvedSqWuj7ZfU1rCIX7Moi30k-VgvViL49KfR-lQdDZPiFEmzrTAOMlyPNVHdzjkuMTtR8Dc_70rnHrpbyBt-dRUulqkdgguarCSz0-oKDqEIVwp3ON_XhNu9QXuDHCjnlUwz0uBM6oiq1KdJgmiqYOuPiPTKlDcojK-EelgVMY3w1IjUWYftl3fpCfDxOxVwae5BBWFC49wSh-zaIupXc6nbLAww_q_pYvim1_sCIZLx7BK8Qq0L2dKvgH8fEOl2IgsjqAZ3_VaHramHDk5B3TIOuI93SjG2b1m80GEWPD3uytMUYu_C8ocWNuCaJLxNvTOZOEb8MctogRYNqOaozZ9twPCwM-w5kN12sjTEwWxflKMNsbHZ8737WqespLMnKjlFAFZfANhX4Yfmfy-caVKvyrA0afdutnQPo_noEKF5MmMwK3RqbSXxmRR4Lyhu-oEDrWkBmLLl5dM2kXI2yvthEuRy32se7UyX05JsxeeWNSYmlwW3KmrMidcTG_cCwsw2IQDVSG-dvEumnxe4g7KbekmYf6Y0yMZUqDDbn2Fap2sFCk9-e_HC-jYC5L0JNseKs3drykmgBN11PbYDqrm43nG8Z9xcrMIz10d_r3IRBoc3jISjBNEn7CaN-5oX_Fg6wFV3pQRrg2R2hAlALQvoMp8V3GUKAtmUHkiT-XSeXLw5wNJKxvS3t61UHtnjFRNh2t1aG9PSyyteQvjuhKXXLu0lssIhHcTMlPJpjLvoyLR6FjsJg8bd3o2QhAdzEyn5FW4lBLGMYgz68UswhqdvrCRklHU6rILhHe7ErH3SJ723NDGBlb68gJgS0iHhTAXFxjOVT8BSAmG-ZfYL3K1d9w3i_7JH97KQH1nGtJfgrV7KMI9o5SR3isdiW3Ttk6XB-dHhC8eOPZvoWubL1ZC2JuOu-v6cTxdmYBFDNR2YnyVRNSFxkyk7O8yKEnCPdquO2zjDJl-4ESucCmFjsb_NXSPREtSeCtgQ1exNwc6yW64LU3OcDiBqTuczR7I-ntGkXDo1KW_nW_DBsfjIwvzslEFrG3d845Mwtg4betnPBp3sThmhopPpk8F3z86ysPjKV9ot8DicqSOqPoSJyb81TMtqXUs90PQfmFigGhvvk_Oq8DWsaoFZciqso1UOIWTUSyJvusLwO_G7y9sWOns1s9zzELbokIrQV6w0fkCQ0Z94Fw_zwdpkjBnSlEOFK4HW4WL_-00dHnEZFHAkFW0ao4KoZvwFMh6zfKXpO2PcQ82MMngVdw9C0CLl8_HTwA5lPoCB7laUfPpNd_Opzd3rW8Gi8gJqTx2iNaDZ_VcJS2Kb4LPTrCAD1quvoDVx9DgioKIqS5eRYRXEuqnlHaLLUK2HA6Ugd3HsS4LkqZykuBWoyrFgRU3EcB1pOQ_gDIvEn6fA_aBD2G5wdmKmqgc3o00PMrGibkHziwHAdowqQOwlpcJth0dn3Bi_KUddo-USUrGkad8fp64tbfQMLAuEg1gDCImH8Hiw6dkVxaMT8lBOp7-eTKRm62Ezp5XNq6qehKfNJr_SnKNXJfGvTce5-wxIi9Fo2IYbsHqtjWT6VEnNMDFiJVV-KuvrRQotR7AInug_4TGNWrXnlaKNYAZ6X_utfW4Rh812u7PvkTArbKT4iREXbiio2pBi3OVd__Za4M4i8v2cFz8CO044Fsl54E0ESMvWHx12BhS-Bh1FmJ7hpCG2zZWcjzOP1BeF3lqvzPzaMZTexWFf6DMH0o336YefTqOz2KAeZdcuHm2j6NnD9yaUFCoWqlAdOkpGcweRWk0M05GurS84dO11jcUkd1cNrt29UyEbKDV0jhpl-zs1vi0KGI0LAeUHoqiguP8IZ6bJ4PLv-qfcInW6dfNXwbMrH7uvVya47V4Jk2oiXx9lYXqfrLoUCIF6FnJNYDhGSek9NiqeZQBEgcEkT6DPZCjwdevdVtBLMI2G6uXaHQ9cUSJUwPErg-3bSji2TCOVwB_aEALtpCBOFVq0w3fywk6VrXbJN3wDsKvvWbhNYfuhyvk1TUN_TRqzqdrmPIknFzZjgpeqmA-PUw38shS8vXk0Knrz221rsx4vJd1z0E6L1LHZKuAUQ1exJdlv071anM-2BWwLs5YNKQ7FcBoIx9g0PKEIUu76-57D55B3dhhpQkBAxxOKb788FjSYAm24EtNFrc4Q4q_gfD85GiOosWRjybdLHGyFqankXbs8yCQ8Pje7jKNFHPiPQqg9F5O9KQOrFZyJ-IbNXjQlI6LHR_ZHEJ85DSOlwOS_OT3dKlOPO4yvcI4LnuvrTJF8-u2U75c8usDsZrP9vnyoZwLzX7E-xMibrYcFiV9Y4kLr6vnxJsr9sgw7L19Jlgn9DCIZ7HsqFMnndNQjLvnQgv3WOdiNExlLrFOvGHoAi4_uGi2hv04kfNYT2RWJfskmILmdaXFlY-pxlaKBFg4rAvrYNK-HnMnNdxNPykXEnWqLJzMCyvK8PzUJ6PKBZIx-2zQ97D4MNy07epsnak_-wMxk_tIZp1rrqYrPJL2bLlCUhI1c4aed1y6KFEGejSvAJI4QHwnOQIlSOz3Mgeqa2C6N3F1qYo7FOq8tIgKHT4ElJlkY376yOTVLo1FMBRC0UuZq4F2bNZ4O-ih6ILqw92iGZZhLMuemt5sEJZTMqXA5qWypiiYARknReaMi76AUG9bGq5HuaUST3esHwOivnxE4t06lNxTbSJw7wvKrmj_5q5pYURLocci5zAcQuHdf_1hL6jRe2_BKvx02L6CcHyqB2A7zkbPc9fl-RrQxUuojLr7kI3geJiRUSL0rl89kh7BdfAppmx35h45wz3ss6DbPL2hpBCAQSOwBpAlJWklNgiJUZyL9-QAVWhfLZutIGNc77Bgjlb99mlWCEi9efxyCEjaXDso93lKD1YH8NB8o1_GO9GAFgAQ

Requested by

Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

108.177.15.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f156.1e100.net

Software

cafe /

Resource Hash

179478ab339535b2db2a31bae3daf8338d116c4fa501738875a3d405cf52147d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24388
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:09 GMT
server: nginx
x-server-name: app14.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUmvv4pxUyVZEBURwh6Xzm0YkU-yVqLyUdxnUQLPE1hMkXY8qo&d=CokBAKAmf-By5a2XH7hpQDhiGT8OKgbe8SileGamrbA5w06DMVLa2Zt9Co3fIyWv9TSAxxY_ron9xSPyh584E7K_D3x1Ysb32yYSreWVGs6VNmO70bClziDZkp3g-VolWPhe02OIMpm8ebeJpeaBNWezr8f1_jg49F8sIviwoITy-pd6LdabmZECtAkSiRMAoCZ_4ATYQNALFgPWr0Bjlb_DT83uekqEBqpyLYYa2KPZUbXBQd5PVTv_kBU26nK4tZRJMVYcLrtpHOoLfJxz90nCjpii-zCbmRFZ7xgdkL8tFxLVPa8AQ20QFY521Orkfxwi1k5bP0bnsMkWlmLQBWCezmGrO4feof0VxqYwBsO2lCnt7fz7aEKs5soBDb6ri-i_dw9YQBNp2mEGN6eYUcRw_00RrR88wpxZYSesd3M4K-mIJJY3sUqABXYiAmpHTU6aPj6jPPB7b3U_VeCnBZ7N9jd1i8JXHO2DbrTEK2XKa4ZUxJuseCd1XgBuRO2Ic8-erdjmBssYvfAzb9AlozHBE9WaLx9ojE9Es6BsnJR0d0D5JDIyl4BIigOuUOkcnUW2b_rqZs5OblNk48tuwIW23SPvedSqWuj7ZfU1rCIX7Moi30k-VgvViL49KfR-lQdDZPiFEmzrTAOMlyPNVHdzjkuMTtR8Dc_70rnHrpbyBt-dRUulqkdgguarCSz0-oKDqEIVwp3ON_XhNu9QXuDHCjnlUwz0uBM6oiq1KdJgmiqYOuPiPTKlDcojK-EelgVMY3w1IjUWYftl3fpCfDxOxVwae5BBWFC49wSh-zaIupXc6nbLAww_q_pYvim1_sCIZLx7BK8Qq0L2dKvgH8fEOl2IgsjqAZ3_VaHramHDk5B3TIOuI93SjG2b1m80GEWPD3uytMUYu_C8ocWNuCaJLxNvTOZOEb8MctogRYNqOaozZ9twPCwM-w5kN12sjTEwWxflKMNsbHZ8737WqespLMnKjlFAFZfANhX4Yfmfy-caVKvyrA0afdutnQPo_noEKF5MmMwK3RqbSXxmRR4Lyhu-oEDrWkBmLLl5dM2kXI2yvthEuRy32se7UyX05JsxeeWNSYmlwW3KmrMidcTG_cCwsw2IQDVSG-dvEumnxe4g7KbekmYf6Y0yMZUqDDbn2Fap2sFCk9-e_HC-jYC5L0JNseKs3drykmgBN11PbYDqrm43nG8Z9xcrMIz10d_r3IRBoc3jISjBNEn7CaN-5oX_Fg6wFV3pQRrg2R2hAlALQvoMp8V3GUKAtmUHkiT-XSeXLw5wNJKxvS3t61UHtnjFRNh2t1aG9PSyyteQvjuhKXXLu0lssIhHcTMlPJpjLvoyLR6FjsJg8bd3o2QhAdzEyn5FW4lBLGMYgz68UswhqdvrCRklHU6rILhHe7ErH3SJ723NDGBlb68gJgS0iHhTAXFxjOVT8BSAmG-ZfYL3K1d9w3i_7JH97KQH1nGtJfgrV7KMI9o5SR3isdiW3Ttk6XB-dHhC8eOPZvoWubL1ZC2JuOu-v6cTxdmYBFDNR2YnyVRNSFxkyk7O8yKEnCPdquO2zjDJl-4ESucCmFjsb_NXSPREtSeCtgQ1exNwc6yW64LU3OcDiBqTuczR7I-ntGkXDo1KW_nW_DBsfjIwvzslEFrG3d845Mwtg4betnPBp3sThmhopPpk8F3z86ysPjKV9ot8DicqSOqPoSJyb81TMtqXUs90PQfmFigGhvvk_Oq8DWsaoFZciqso1UOIWTUSyJvusLwO_G7y9sWOns1s9zzELbokIrQV6w0fkCQ0Z94Fw_zwdpkjBnSlEOFK4HW4WL_-00dHnEZFHAkFW0ao4KoZvwFMh6zfKXpO2PcQ82MMngVdw9C0CLl8_HTwA5lPoCB7laUfPpNd_Opzd3rW8Gi8gJqTx2iNaDZ_VcJS2Kb4LPTrCAD1quvoDVx9DgioKIqS5eRYRXEuqnlHaLLUK2HA6Ugd3HsS4LkqZykuBWoyrFgRU3EcB1pOQ_gDIvEn6fA_aBD2G5wdmKmqgc3o00PMrGibkHziwHAdowqQOwlpcJth0dn3Bi_KUddo-USUrGkad8fp64tbfQMLAuEg1gDCImH8Hiw6dkVxaMT8lBOp7-eTKRm62Ezp5XNq6qehKfNJr_SnKNXJfGvTce5-wxIi9Fo2IYbsHqtjWT6VEnNMDFiJVV-KuvrRQotR7AInug_4TGNWrXnlaKNYAZ6X_utfW4Rh812u7PvkTArbKT4iREXbiio2pBi3OVd__Za4M4i8v2cFz8CO044Fsl54E0ESMvWHx12BhS-Bh1FmJ7hpCG2zZWcjzOP1BeF3lqvzPzaMZTexWFf6DMH0o336YefTqOz2KAeZdcuHm2j6NnD9yaUFCoWqlAdOkpGcweRWk0M05GurS84dO11jcUkd1cNrt29UyEbKDV0jhpl-zs1vi0KGI0LAeUHoqiguP8IZ6bJ4PLv-qfcInW6dfNXwbMrH7uvVya47V4Jk2oiXx9lYXqfrLoUCIF6FnJNYDhGSek9NiqeZQBEgcEkT6DPZCjwdevdVtBLMI2G6uXaHQ9cUSJUwPErg-3bSji2TCOVwB_aEALtpCBOFVq0w3fywk6VrXbJN3wDsKvvWbhNYfuhyvk1TUN_TRqzqdrmPIknFzZjgpeqmA-PUw38shS8vXk0Knrz221rsx4vJd1z0E6L1LHZKuAUQ1exJdlv071anM-2BWwLs5YNKQ7FcBoIx9g0PKEIUu76-57D55B3dhhpQkBAxxOKb788FjSYAm24EtNFrc4Q4q_gfD85GiOosWRjybdLHGyFqankXbs8yCQ8Pje7jKNFHPiPQqg9F5O9KQOrFZyJ-IbNXjQlI6LHR_ZHEJ85DSOlwOS_OT3dKlOPO4yvcI4LnuvrTJF8-u2U75c8usDsZrP9vnyoZwLzX7E-xMibrYcFiV9Y4kLr6vnxJsr9sgw7L19Jlgn9DCIZ7HsqFMnndNQjLvnQgv3WOdiNExlLrFOvGHoAi4_uGi2hv04kfNYT2RWJfskmILmdaXFlY-pxlaKBFg4rAvrYNK-HnMnNdxNPykXEnWqLJzMCyvK8PzUJ6PKBZIx-2zQ97D4MNy07epsnak_-wMxk_tIZp1rrqYrPJL2bLlCUhI1c4aed1y6KFEGejSvAJI4QHwnOQIlSOz3Mgeqa2C6N3F1qYo7FOq8tIgKHT4ElJlkY376yOTVLo1FMBRC0UuZq4F2bNZ4O-ih6ILqw92iGZZhLMuemt5sEJZTMqXA5qWypiiYARknReaMi76AUG9bGq5HuaUST3esHwOivnxE4t06lNxTbSJw7wvKrmj_5q5pYURLocci5zAcQuHdf_1hL6jRe2_BKvx02L6CcHyqB2A7zkbPc9fl-RrQxUuojLr7kI3geJiRUSL0rl89kh7BdfAppmx35h45wz3ss6DbPL2hpBCAQSOwBpAlJWklNgiJUZyL9-QAVWhfLZutIGNc77Bgjlb99mlWCEi9efxyCEjaXDso93lKD1YH8NB8o1_GO9GAFgAQ
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame D7FD 91 KB
23 KB 102ms
26ms Script
application/javascript 2600:9000:223f:a400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 26278373
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 4LOL0Y9HDPJC9fTpahorI3O6Xwus5Yz3ILf7_uGgKh4Do9Qbn2997A==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 693B 43 B
215 B 581ms
176ms Image
image/gif 2600:1f13:800:7781:b8a7:774b:340b:2fe2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=49a9fd6a-fc06-18d1-f80d-db4e68deabde&tv=%7Bc:j7NtuN,pingTime:-3,time:44,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:44,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~970.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tKLDWtv+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1135760-65089104%7C191%7C1a%7C1b%7C1c%7C1d%7C1e,idMap:19*,rmeas:1,rend:0,renddet:IMG.us,siq:19%7D&br=c
Requested by: Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b8a7:774b:340b:2fe2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:10 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 693B 43 B
215 B 577ms
177ms Image
image/gif 2600:1f13:800:7781:b8a7:774b:340b:2fe2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=49a9fd6a-fc06-18d1-f80d-db4e68deabde&tv=%7Bc:j7NtuP,pingTime:-6,time:46,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:46,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~970.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tKLDWtv+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1135760-65089104%7C191%7C1a%7C1b%7C1c%7C1d%7C1e,idMap:19*,rmeas:1,rend:0,renddet:IMG.us,siq:19%7D&tpiLookup=ao:pt.quizur.com*&br=c
Requested by: Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b8a7:774b:340b:2fe2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:10 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 693B 43 B
216 B 575ms
176ms Image
image/gif 2600:1f13:800:7781:b8a7:774b:340b:2fe2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=49a9fd6a-fc06-18d1-f80d-db4e68deabde&tv=%7Bc:j7NtuT,pingTime:-2,time:50,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:404,beZ:405,mfA:407,cmA:408,inA:409,inZ:412,prA:412,prZ:417,si:423,poA:424,poZ:445,cmZ:445,mfZ:445,loA:450,loZ:453,ltA:453,ltZ:454%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:18%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:50,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B44~0%5D,as:%5B44~970.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tKLDWtv+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1135760-65089104%7C191%7C1a%7C1b%7C1c%7C1d%7C1e,idMap:19*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:19,sinceFw:29,readyFired:false%7D&br=c
Requested by: Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b8a7:774b:340b:2fe2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:10 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8099 22 KB
8 KB 25ms
21ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 85988
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 19:16:01 GMT
expires: Sat, 20 Jul 2024 19:16:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pv Show response
s.seedtag.com/c/ 1 KB
1 KB 101ms
37ms XHR
application/json 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/c/pv?token=5728-2729-01&device=desktop&fullUrl=https%3A%2F%2Fpt.quizur.com%2F&cache=1690052949772&v=-&ft=true
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.236e5bfa3ae0006ebe29.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: f40379b3fbf441df742f2187d0b63ad4b5ab3582c0467e2c54b101494ccacd34

Request headers

Referer: https://pt.quizur.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
content-encoding: gzip
via: 1.1 google
server: openresty
etag: W/"51a-ED0YW0DJ4ed/iym9kiyAuj09+AY"
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pt.quizur.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 vVBxlHWLSq1fuQw2L5BPyxsDoAp2pX6f0RpBSmAaURU.js Show response
pagead2.googlesyndication.com/bg/ Frame 8099 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vVBxlHWLSq1fuQw2L5BPyxsDoAp2pX6f0RpBSmAaURU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd507194758b4aad5fb90c362f904fcb1b03a00a76a57e9fd11a414a601a5115

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14655
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Jul 2024 13:22:43 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 2FE1 22 KB
9 KB 101ms
22ms Script
application/javascript 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.236e5bfa3ae0006ebe29.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sat, 29 Jul 2023 19:09:09 GMT

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 23 KB
8 KB 92ms
21ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-12765-5/CT-1068
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.236e5bfa3ae0006ebe29.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 40e4951dffea740356de1c800b47ff35a1fac0756b592a4ff5ea9a316b0119b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 17:25:27 GMT
content-encoding: gzip
via: 1.1 google
age: 6222
x-guploader-uploadid: ADPycdvCftdmRxzHRpJUKKGHiK13GF1dNROBcEj5LsF4pjpP3iymz8GGoadxkKEwOQVrOcgfDwd-CsAUyGnPb_afKnKbsA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7679
last-modified: Thu, 17 Mar 2022 15:35:15 GMT
server: nginx/1.8.1
etag: "ad2f9abb7bbec08e62cf17d0cc7d9125"
vary: Accept-Encoding
x-goog-generation: 1647531315191220
x-goog-hash: md5=rS+au3u+wI5izxfQzH2RJQ==
content-type: application/javascript
cache-control: max-age=7200,public
x-goog-stored-content-length: 7679
accept-ranges: bytes
expires: Sat, 22 Jul 2023 19:25:27 GMT

GET
H2 200 p
sb.scorecardresearch.com/ 43 B
298 B 144ms
47ms Image
image/gif 52.222.169.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=26817122&c3=$accountId&c7=$currentUrl&c9=$referrerUrl&cv=2.0&cj=1
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.169.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-169-99.cdg52.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:10 GMT
via: 1.1 a1e152cd91a0e624aecabbad581ffcb2.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: CDG52-P2
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: VwR_qY4pNHs-ZYZ0UtiYe2Dj3uP_CI-QjEcolQ-hoMaQdA58p28kcQ==

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 693B 111 KB
39 KB 89ms
25ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: pt.quizur.com
URL: https://pt.quizur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
Origin: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 08:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 23 Jul 2023 08:46:47 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/ Frame 693B 11 KB
4 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1135760/65089104/xbbe/creative/adj?p=APEucNUmvv4pxUyVZEBURwh6Xzm0YkU-yVqLyUdxnUQLPE1hMkXY8qo&d=CokBAKAmf-By5a2XH7hpQDhiGT8OKgbe8SileGamrbA5w06DMVLa2Zt9Co3fIyWv9TSAxxY_ron9xSPyh584E7K_D3x1Ysb32yYSreWVGs6VNmO70bClziDZkp3g-VolWPhe02OIMpm8ebeJpeaBNWezr8f1_jg49F8sIviwoITy-pd6LdabmZECtAkSiRMAoCZ_4ATYQNALFgPWr0Bjlb_DT83uekqEBqpyLYYa2KPZUbXBQd5PVTv_kBU26nK4tZRJMVYcLrtpHOoLfJxz90nCjpii-zCbmRFZ7xgdkL8tFxLVPa8AQ20QFY521Orkfxwi1k5bP0bnsMkWlmLQBWCezmGrO4feof0VxqYwBsO2lCnt7fz7aEKs5soBDb6ri-i_dw9YQBNp2mEGN6eYUcRw_00RrR88wpxZYSesd3M4K-mIJJY3sUqABXYiAmpHTU6aPj6jPPB7b3U_VeCnBZ7N9jd1i8JXHO2DbrTEK2XKa4ZUxJuseCd1XgBuRO2Ic8-erdjmBssYvfAzb9AlozHBE9WaLx9ojE9Es6BsnJR0d0D5JDIyl4BIigOuUOkcnUW2b_rqZs5OblNk48tuwIW23SPvedSqWuj7ZfU1rCIX7Moi30k-VgvViL49KfR-lQdDZPiFEmzrTAOMlyPNVHdzjkuMTtR8Dc_70rnHrpbyBt-dRUulqkdgguarCSz0-oKDqEIVwp3ON_XhNu9QXuDHCjnlUwz0uBM6oiq1KdJgmiqYOuPiPTKlDcojK-EelgVMY3w1IjUWYftl3fpCfDxOxVwae5BBWFC49wSh-zaIupXc6nbLAww_q_pYvim1_sCIZLx7BK8Qq0L2dKvgH8fEOl2IgsjqAZ3_VaHramHDk5B3TIOuI93SjG2b1m80GEWPD3uytMUYu_C8ocWNuCaJLxNvTOZOEb8MctogRYNqOaozZ9twPCwM-w5kN12sjTEwWxflKMNsbHZ8737WqespLMnKjlFAFZfANhX4Yfmfy-caVKvyrA0afdutnQPo_noEKF5MmMwK3RqbSXxmRR4Lyhu-oEDrWkBmLLl5dM2kXI2yvthEuRy32se7UyX05JsxeeWNSYmlwW3KmrMidcTG_cCwsw2IQDVSG-dvEumnxe4g7KbekmYf6Y0yMZUqDDbn2Fap2sFCk9-e_HC-jYC5L0JNseKs3drykmgBN11PbYDqrm43nG8Z9xcrMIz10d_r3IRBoc3jISjBNEn7CaN-5oX_Fg6wFV3pQRrg2R2hAlALQvoMp8V3GUKAtmUHkiT-XSeXLw5wNJKxvS3t61UHtnjFRNh2t1aG9PSyyteQvjuhKXXLu0lssIhHcTMlPJpjLvoyLR6FjsJg8bd3o2QhAdzEyn5FW4lBLGMYgz68UswhqdvrCRklHU6rILhHe7ErH3SJ723NDGBlb68gJgS0iHhTAXFxjOVT8BSAmG-ZfYL3K1d9w3i_7JH97KQH1nGtJfgrV7KMI9o5SR3isdiW3Ttk6XB-dHhC8eOPZvoWubL1ZC2JuOu-v6cTxdmYBFDNR2YnyVRNSFxkyk7O8yKEnCPdquO2zjDJl-4ESucCmFjsb_NXSPREtSeCtgQ1exNwc6yW64LU3OcDiBqTuczR7I-ntGkXDo1KW_nW_DBsfjIwvzslEFrG3d845Mwtg4betnPBp3sThmhopPpk8F3z86ysPjKV9ot8DicqSOqPoSJyb81TMtqXUs90PQfmFigGhvvk_Oq8DWsaoFZciqso1UOIWTUSyJvusLwO_G7y9sWOns1s9zzELbokIrQV6w0fkCQ0Z94Fw_zwdpkjBnSlEOFK4HW4WL_-00dHnEZFHAkFW0ao4KoZvwFMh6zfKXpO2PcQ82MMngVdw9C0CLl8_HTwA5lPoCB7laUfPpNd_Opzd3rW8Gi8gJqTx2iNaDZ_VcJS2Kb4LPTrCAD1quvoDVx9DgioKIqS5eRYRXEuqnlHaLLUK2HA6Ugd3HsS4LkqZykuBWoyrFgRU3EcB1pOQ_gDIvEn6fA_aBD2G5wdmKmqgc3o00PMrGibkHziwHAdowqQOwlpcJth0dn3Bi_KUddo-USUrGkad8fp64tbfQMLAuEg1gDCImH8Hiw6dkVxaMT8lBOp7-eTKRm62Ezp5XNq6qehKfNJr_SnKNXJfGvTce5-wxIi9Fo2IYbsHqtjWT6VEnNMDFiJVV-KuvrRQotR7AInug_4TGNWrXnlaKNYAZ6X_utfW4Rh812u7PvkTArbKT4iREXbiio2pBi3OVd__Za4M4i8v2cFz8CO044Fsl54E0ESMvWHx12BhS-Bh1FmJ7hpCG2zZWcjzOP1BeF3lqvzPzaMZTexWFf6DMH0o336YefTqOz2KAeZdcuHm2j6NnD9yaUFCoWqlAdOkpGcweRWk0M05GurS84dO11jcUkd1cNrt29UyEbKDV0jhpl-zs1vi0KGI0LAeUHoqiguP8IZ6bJ4PLv-qfcInW6dfNXwbMrH7uvVya47V4Jk2oiXx9lYXqfrLoUCIF6FnJNYDhGSek9NiqeZQBEgcEkT6DPZCjwdevdVtBLMI2G6uXaHQ9cUSJUwPErg-3bSji2TCOVwB_aEALtpCBOFVq0w3fywk6VrXbJN3wDsKvvWbhNYfuhyvk1TUN_TRqzqdrmPIknFzZjgpeqmA-PUw38shS8vXk0Knrz221rsx4vJd1z0E6L1LHZKuAUQ1exJdlv071anM-2BWwLs5YNKQ7FcBoIx9g0PKEIUu76-57D55B3dhhpQkBAxxOKb788FjSYAm24EtNFrc4Q4q_gfD85GiOosWRjybdLHGyFqankXbs8yCQ8Pje7jKNFHPiPQqg9F5O9KQOrFZyJ-IbNXjQlI6LHR_ZHEJ85DSOlwOS_OT3dKlOPO4yvcI4LnuvrTJF8-u2U75c8usDsZrP9vnyoZwLzX7E-xMibrYcFiV9Y4kLr6vnxJsr9sgw7L19Jlgn9DCIZ7HsqFMnndNQjLvnQgv3WOdiNExlLrFOvGHoAi4_uGi2hv04kfNYT2RWJfskmILmdaXFlY-pxlaKBFg4rAvrYNK-HnMnNdxNPykXEnWqLJzMCyvK8PzUJ6PKBZIx-2zQ97D4MNy07epsnak_-wMxk_tIZp1rrqYrPJL2bLlCUhI1c4aed1y6KFEGejSvAJI4QHwnOQIlSOz3Mgeqa2C6N3F1qYo7FOq8tIgKHT4ElJlkY376yOTVLo1FMBRC0UuZq4F2bNZ4O-ih6ILqw92iGZZhLMuemt5sEJZTMqXA5qWypiiYARknReaMi76AUG9bGq5HuaUST3esHwOivnxE4t06lNxTbSJw7wvKrmj_5q5pYURLocci5zAcQuHdf_1hL6jRe2_BKvx02L6CcHyqB2A7zkbPc9fl-RrQxUuojLr7kI3geJiRUSL0rl89kh7BdfAppmx35h45wz3ss6DbPL2hpBCAQSOwBpAlJWklNgiJUZyL9-QAVWhfLZutIGNc77Bgjlb99mlWCEi9efxyCEjaXDso93lKD1YH8NB8o1_GO9GAFgAQ&ias_dspID=3&ias_campId=1008772806&ias_pubId=pub-2862082324212006&ias_chanId=1&ias_placementId=20163094551&bidurl=https://pt.quizur.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hI73Cv7S1miFyTnqGuMHgm&adsafe_url=https%3A%2F%2Fpt.quizur.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fpt.quizur.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fa9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fa9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:49a9fd6a-fc06-18d1-f80d-db4e68deabde,c:j7Ntun,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5d94d9d8b-bhs88,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tKLDWtv+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1135760-65089104%7C191%7C1a%7C1b%7C1c%7C1d%7C1e,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:19,oid:3c813bc4-28c3-11ee-b6ce-ae2cdd0a626b,v:19.8.432,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 00:01:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68860
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Aug 2023 00:01:29 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame 693B 30 KB
11 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cf6b0041792515d9036fad75e278ddc885672587d77908729cc9b5d66ca3dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 17:48:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4820
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11528
x-xss-protection: 0
server: cafe
etag: 1206305422853166885
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Aug 2023 17:48:49 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 915B 1 KB
643 B 21ms
21ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74883
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Jul 2023 22:21:06 GMT
etag: 48472445140208031
expires: Sat, 22 Jul 2023 22:21:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 693B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a97b62b324a6482dcf5b0e24b2bbfeb7d435bde8b27d6136e429f7978b4370f6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8099 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKVwtVSm8ZOfVIPuTjuwPiomDmA8AAAAAOAHgBAI&bg=!jY6ljtrNAAZsPphkTD47ADkAdvg8WgMI-vZEhw7tL9x7X-cYnNGBRde7p0QY4vh4A-BiKzTD96cvqDfDn-HA9hhQTXPi1r7UccECAAAAX1IAAAAJaAEHCgAxKtWS1Y7dqdULTXDuwsmN_OtMNJfFNT9INjneRIpgyJd-O2PukHFJtzJPgWU9gIjAWJkDMpmR9fVH0OASgMAb2SvgwZzjXZOFRHHE0KA23HcWdCiROSdWbk3Cp6zofMCnFzBUWCNrZaAtCYi7jpePfAYeIgW_tH27l4U11FQdJwaplDBoSlXSYorONEBMxZCkvA-wDxoTzAx_AfHMoPrc3CDATTPqedU6kWMF7C5aDXJT5H3h1rf7zK_BGheCF6AN3RXZY0h4HmyHIn9iAf0Mh3LXZ9RG7Br3GNxb2d07vIDuon6O3ZlhFMv27asXJaD74XQ-OW9ieFw_2C7YexXmGYEwr4HTwpM4CQiYAuxDWdqoxD9KfaxkIUZrg6PebvpnFGAAWq5H3fpIXKv89aZshUH47LDt3U-TpvualiYJY0f1oePLi_6Ws8F8XebJv-mwOLwjArlkWpNb5aGL4KzybJ1lki_5_cb5yQQhxrardlcn0W48DjeVOn-ZIzVqvGv_Ft14DhcmVd0hxRfwyGC-cX0-7Dz9DfALuOw2HCAH0dFjLI_r-XCW3c4dGViOUtTIrbrF52xR5OLGh_UfRZ5baOORskcxfasyBbGqvr9hK3mMkCfiXeGuu6V8YAtfuaTrkmGKE-broLMegTvn4C20EN-E0NkEMWElTkEZOdFntrgxVWYTK4-ew9oc1Zctc4nCs6NsPHxDxcbMUPSOG7DpOT_mQzgT591iLCRrslCBN6fbTSTSqnYqV7xe8uQW_ddXnZT2Z14CNzSDHFB4i2zlpMY6mNZFKpkRVwznPYlDtEvHFWn5H_oPbmFCwx8uC_kuu4Fu_BJ0OSSs3tKvYBsAiGP1YmUlqktfGwrHKOokhVwDTQyRG1Y_bT00Y3Cr9nczfTPT_ESWlNBUT5RVLgRmxFuMlgrDnd9ZSupPQiwSdRjQITXZtVAoHl58Gl41VkyUfy5_tMmL-oKAy5oNEaK73UcomtAbm0-MDQI2meSxLD2S8G1i0Klams5EioZrawiwnm7tOo4qEk2E-9EGqJAks_Em4VErOc3AqSWXlCl25JPauMotA7478S0Y3kQKBdr27MMO11_2KOtoxng4MWb-jQp7vTdtCrW2eUK4_yjvB71a-HaHLAgxc-3xyRP9fWCH2xwcv3CR

Requested by

Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 915B 0
104 B 248ms
87ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECPl3w5Z93K8YmlN9YnxI7g&google_cver=1&google_push=AaAOQGF4emKfHcSmmqnko_1Ti1PVTW8eMTGN44aj0DbQuMd3Cbw9Cm6BNA-ausxPGsqJkMg5FJ9bFwQ_qfwkc9dFpQtnk3UMXQ8eqw
Requested by: Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:10 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 915B
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHQuqc9z2SNTyZ5OkuEkFBM&google_cver=1&google_push=AaAOQGFY6jFNJgFFHaowpcRVAvBbJGHM1AIB9HtGNb6DwEz1UJIfgLjZZ2v_sGT_xwpUOw4DX6hN_cIhN-ubR35kqjc26QW...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFY6jFNJgFFHaowpcRVAvBbJGHM1AIB9HtGNb6DwEz1UJIfgLjZZ2v_sGT_xwpUOw4DX6hN_cIhN-ubR35kqjc26QW1JN6X3w&google_hm=eS1tU2RmV1hCRTJwRWd2...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFY6jFNJgFFHaowpcRVAvBbJGHM1AIB9HtGNb6DwEz1UJIfgLjZZ2v_sGT_xwpUOw4DX6hN_cIhN-ubR35kqjc26QW1JN6X3w&google_hm=eS1tU2RmV1hCRTJwRWd2Y0wwdXNfN0JDa0RNZ3VTVE1VTn5B

Requested by

Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 22 Jul 2023 19:09:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFY6jFNJgFFHaowpcRVAvBbJGHM1AIB9HtGNb6DwEz1UJIfgLjZZ2v_sGT_xwpUOw4DX6hN_cIhN-ubR35kqjc26QW1JN6X3w&google_hm=eS1tU2RmV1hCRTJwRWd2Y0wwdXNfN0JDa0RNZ3VTVE1VTn5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 915B 43 B
363 B 97ms
27ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3D%25%25GOOGLE_PUSH%25%25&google_gid=CAESELz9cW5uDmPYdJNmXc4aIyY&google_cver=1&google_push=AaAOQGHZeNsdziBxAd3cGAgZEtlUWI3Bqtt3BDKWsGtHaDHBLDcjw3blTrh1dsF7ENdZDLKKa_xqEZpSH2izp4-sF29Y_E8DMSdi

Requested by

Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:09 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 251581
expires: Sat, 22 Jul 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 915B
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NLT7so_lTiC_wmx-BLyM1w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

33ms
32ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NLT7so_lTiC_wmx-BLyM1w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGEI8gxPYwygkPyUiAvJm3QbMhFMrscr-m5dz6ApFfWVZTVKOyMdI1sHz7CthAS6Hw6y9eoZ3VwgSRjsagmdX7OCHBcD72-FCw

Requested by

Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NLT7so_lTiC_wmx-BLyM1w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AaAOQGEI8gxPYwygkPyUiAvJm3QbMhFMrscr-m5dz6ApFfWVZTVKOyMdI1sHz7CthAS6Hw6y9eoZ3VwgSRjsagmdX7OCHBcD72-FCw
date: Sat, 22 Jul 2023 19:09:08 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 915B
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOWf7JtvRr5P8wT3KDVsnew&google_cver=1&google_push=AaAOQGFqozvBoa-b8Asm0nvnJSA5IBfqMI0FYIjy9XOdE7nYeR5iAxjwlTab1lNrFLHb1Y2MOYwL8AlKPfQgTuH5R...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOWf7JtvRr5P8wT3KDVsnew&google_cver=1&google_push=AaAOQGFqozvBoa-b8Asm0nvnJSA5IBfqMI0FYIjy9XOdE7nYeR5iAxjwlTab1lNrFLHb1Y2MOYwL8AlKPfQgTuH5R...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGFqozvBoa-b8Asm0nvnJSA5IBfqMI0FYIjy9XOdE7nYeR5iAxjwlTab1lNrFLHb1Y2MOYwL8AlKPfQgTuH5RoHXfMoD5whvag&google_hm=HBk9rGZH_07stn8uSIuz...

170 B
188 B

33ms
32ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGFqozvBoa-b8Asm0nvnJSA5IBfqMI0FYIjy9XOdE7nYeR5iAxjwlTab1lNrFLHb1Y2MOYwL8AlKPfQgTuH5RoHXfMoD5whvag&google_hm=HBk9rGZH_07stn8uSIuzxcws

Requested by

Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 22 Jul 2023 19:09:10 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AaAOQGFqozvBoa-b8Asm0nvnJSA5IBfqMI0FYIjy9XOdE7nYeR5iAxjwlTab1lNrFLHb1Y2MOYwL8AlKPfQgTuH5RoHXfMoD5whvag&google_hm=HBk9rGZH_07stn8uSIuzxcws
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 915B
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESED0J3RJ562C3Tp3LxIALtnU&google_cver=1&google_push=AaAOQGGIP2XP43I9f22wqYRqtX1nsUpPw7bpvjSC_n-Sv8FdHtfg-jmA8wepPgagDFG6VLQo8PWyWzw4D0dV-Bxs...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGIP2XP43I9f22wqYRqtX1nsUpPw7bpvjSC_n-Sv8FdHtfg-jmA8wepPgagDFG6VLQo8PWyWzw4D0dV-Bxs4_ScfX4PxtBe

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGIP2XP43I9f22wqYRqtX1nsUpPw7bpvjSC_n-Sv8FdHtfg-jmA8wepPgagDFG6VLQo8PWyWzw4D0dV-Bxs4_ScfX4PxtBe

Requested by

Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 22 Jul 2023 19:09:10 GMT
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGGIP2XP43I9f22wqYRqtX1nsUpPw7bpvjSC_n-Sv8FdHtfg-jmA8wepPgagDFG6VLQo8PWyWzw4D0dV-Bxs4_ScfX4PxtBe
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: TSiBLEngu7ur1XTruXfvilyJlKp6gLPzN6_eEEu64m031wrq3hcJlA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 915B
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEN...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AaAOQGGuc5WXAConvfWrmq4t1E98KHlvbadFmf74fvmpibUKQzpUkIFF7RasZ2-JY5cyrlqitShZBqNr6Se2JbcoztLKI0D8rsVxhg&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-2e585669-fd4f-476d-8d0b-ed80ea49093d-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGGuc5WXAConvfWrmq4t1...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGGuc5WXAConvfWrmq4t1E98KHlvbadFmf74fvmpibUKQzpUkIFF7RasZ2-JY5cyrlqitShZBqNr6Se2JbcoztLKI0D8rsVxhg&google_hm=Ay5YVmn9T0dtjQvtgOpJCT0

170 B
188 B

33ms
32ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGGuc5WXAConvfWrmq4t1E98KHlvbadFmf74fvmpibUKQzpUkIFF7RasZ2-JY5cyrlqitShZBqNr6Se2JbcoztLKI0D8rsVxhg&google_hm=Ay5YVmn9T0dtjQvtgOpJCT0

Requested by

Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGGuc5WXAConvfWrmq4t1E98KHlvbadFmf74fvmpibUKQzpUkIFF7RasZ2-JY5cyrlqitShZBqNr6Se2JbcoztLKI0D8rsVxhg&google_hm=Ay5YVmn9T0dtjQvtgOpJCT0
date: Sat, 22 Jul 2023 19:09:10 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX2e585669fd4f476d8d0bed80ea49093d003
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 915B 0
12 B 32ms
30ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J7RLiva1DSMZftxTEcc16yvjXyL_PY0ruhGUH2UzsdkF5je-2i5Vm2_HoiFp_1DaiOu_bM

Requested by

Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
293 B 127ms
126ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pt.quizur.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pt.quizur.com
Date: Sat, 22 Jul 2023 19:09:10 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 rules-p-PFW5FesqXn206.js Show response
rules.quantcount.com/ Frame 2FE1 1 KB
1 KB 88ms
21ms Script
application/javascript 2600:9000:223c:4800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-PFW5FesqXn206.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4ae5a40833ca40f1ded2c820915ccc073b509a5a15810de1566ebf1ee4838e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:29:03 GMT
content-encoding: gzip
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2408
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 15:36:52 GMT
server: AmazonS3
etag: W/"a521a7bf6d17b50bc9827eaad4be8ecc"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: sXFOswOwnoKbpipr0hkQxRN99dAXRMCd5EFk3qwZREDR1GH0pTs1Tg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 693B 43 B
215 B 177ms
176ms Image
image/gif 2600:1f13:800:7781:b8a7:774b:340b:2fe2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=49a9fd6a-fc06-18d1-f80d-db4e68deabde&tv=%7Bc:j7NtBA,pingTime:-10,time:465,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE1LjAuNTc5MC4xMDIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1690052950038%7C%7C232257083a84795daf5c2cfc84e5c42f%7C%7C375be7bc26b7869f53a37d263e47ad85%7C%7Cf94571019aac9eec334d3c045a6e8697%7C%7C7a41e9e51aa65e5ff8068afd6f962d0a%7C%7C9fbf049a1698ef740cbeb9b5f8f44886%7C%7C113fa92a17fa7c955eaa9c401905e0ae%7C%7Cbf92c0c94ebff56a01e0830221762d1d%7C%7C1663701684%7D
Requested by: Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b8a7:774b:340b:2fe2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:10 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17992502975080493804/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/ Frame C709 164 KB
92 KB 69ms
22ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17992502975080493804/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6dfb74c50c734f965e1f1028d6ccfe365b41b3433745c97e23c5c3266774b34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 299176
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 94018
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 08:02:54 GMT
expires: Thu, 18 Jul 2024 08:02:54 GMT
last-modified: Tue, 07 Feb 2023 18:31:23 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 693B 0
0 135ms
60ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst4SRquFo8_HaCyt8fbG_auq-CQEAExJ6A7sKEKrmrymEW5hUG47VKkJR4enZKFTS69oKOm1wyuVxojfKHRWlab4BiyOaZ9kugr0dkU3l3mCOl7KYLCjvKl3DQlz-8a2p4mi1re-jej8pJRM8niw1hYP-kRtMH7vWh_bG9tqKRWXmG-bBv0JWoJ9y5qHZyIMJdZDUnlVLSJeItb9Z3yYQ&sai=AMfl-YShf2b_zJFTfrwMNbAy9fD7MhY0LmAXusfwlGb1fAjLuCq64Q-qyp4omsgvnKpGUWNf8ZQ9RNE5xri83zJoezsEfnh3gjRqat3qyRHSMrVAEWblJaolu2PIKGYp13DJs1BGdfd1YzY_-cK5JvoB-gKJ6w&sig=Cg0ArKJSzAQsl6yenWNKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=126&cbvp=1&cstd=123&cisv=r20230719.86119&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pt.quizur.com
URL: https://pt.quizur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 22 Jul 2023 19:09:10 GMT

GET
H2 200 pixel;r=340144175;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fpt.quizur.com%2F;ref=https%3A%2F%2Fpt.quizur.com%2F;uht=2;fpan=1;fpa=P0-984462428-1690052949992;pbc=;ns=1;ce=1;qjs=1;qv=c818...
pixel.quantserve.com/ Frame 2FE1 35 B
371 B 50ms
22ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=340144175;event=refresh;rf=0;a=p-PFW5FesqXn206;url=https%3A%2F%2Fpt.quizur.com%2F;ref=https%3A%2F%2Fpt.quizur.com%2F;uht=2;fpan=1;fpa=P0-984462428-1690052949992;pbc=;ns=1;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;d=quizur.com;dst=0;et=1690052950083;tzo=0;ogl=;ses=8ff8162d-b0b4-4964-89dd-b2451d4fc357;mdl=

Requested by

Host: pt.quizur.com
URL: https://pt.quizur.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:10 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 693B 43 B
215 B 177ms
177ms Image
image/gif 2600:1f13:800:7781:b8a7:774b:340b:2fe2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=49a9fd6a-fc06-18d1-f80d-db4e68deabde&tv=%7Bc:j7NtCV,time:548,type:e,im:%7Bpci:%7Btdr:505%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:548,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B542~0%5D,as:%5B542~970.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tKLDWtv+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1135760-65089104%7C191%7C1a%7C1b%7C1c%7C1d%7C1e,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:19,sis:354%7D&br=c
Requested by: Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b8a7:774b:340b:2fe2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:10 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 Cisco_Logo_no_TM_White-RGB.svg.js Show response
s0.2mdn.net/sadbundle/17992502975080493804/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/ Frame C709 2 KB
933 B 23ms
23ms Script
application/x-javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17992502975080493804/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/Cisco_Logo_no_TM_White-RGB.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17992502975080493804/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97bb35db9f4c936f90d08979bca2b96efdc4c1f65a758c1bde577e53c70dba26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17992502975080493804/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 469048
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 904
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 18:31:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jul 2024 08:51:42 GMT

GET
DATA 200
OK truncated
/ Frame C709 73 KB
73 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 693B 0
0 61ms
60ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst4SRquFo8_HaCyt8fbG_auq-CQEAExJ6A7sKEKrmrymEW5hUG47VKkJR4enZKFTS69oKOm1wyuVxojfKHRWlab4BiyOaZ9kugr0dkU3l3mCOl7KYLCjvKl3DQlz-8a2p4mi1re-jej8pJRM8niw1hYP-kRtMH7vWh_bG9tqKRWXmG-bBv0JWoJ9y5qHZyIMJdZDUnlVLSJeItb9Z3yYQ&sai=AMfl-YShf2b_zJFTfrwMNbAy9fD7MhY0LmAXusfwlGb1fAjLuCq64Q-qyp4omsgvnKpGUWNf8ZQ9RNE5xri83zJoezsEfnh3gjRqat3qyRHSMrVAEWblJaolu2PIKGYp13DJs1BGdfd1YzY_-cK5JvoB-gKJ6w&sig=Cg0ArKJSzAQsl6yenWNKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=272&vt=11&dtpt=146&dett=3&cstd=123&cisv=r20230719.86119&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: pt.quizur.com
URL: https://pt.quizur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 22 Jul 2023 19:09:10 GMT

GET
H3 200 XDR-GettyImages-1080277602-1.png
s0.2mdn.net/sadbundle/17992502975080493804/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/ Frame C709 48 KB
48 KB 23ms
22ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17992502975080493804/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/XDR-GettyImages-1080277602-1.png?

Requested by

Host: a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
URL: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f145622eea3dfe35b98f5be2409b4e3c763bd2192442eed324a7f01e22e9a6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17992502975080493804/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 05:19:23 GMT
x-content-type-options: nosniff
age: 308987
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49469
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 18:31:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jul 2024 05:19:23 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/6036356/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

38ms
38ms

Script
application/javascript

52.222.169.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Server: 52.222.169.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-169-99.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 00:51:02 GMT
content-encoding: gzip
via: 1.1 a1e152cd91a0e624aecabbad581ffcb2.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:00:20 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P2
age: 65889
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 8yJfFkIhTOW5Anb7NDeeH0d3zYSLxzwzJOU5hhWXoMcBj1B1qeTaKg==

Redirect headers

date: Sat, 22 Jul 2023 19:09:10 GMT
via: 1.1 a1e152cd91a0e624aecabbad581ffcb2.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: CDG52-P2
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: SKoYwc-3jvLIKqaqRiPUQrxpTJGAyPxYaKo9gPQxA_P8LpuUG06X5Q==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 28ms
27ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=402134110&t=pageview&_s=1&dl=https%3A%2F%2Fpt.quizur.com%2F&ul=en-us&de=UTF-8&dt=Quizur%20%7C%20Crie%20seu%20Quiz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6ChAAEABAAAAACAUK~&jid=1313986791&gjid=1199741452&cid=1643838586.1690052949&tid=UA-97689914-178&_gid=134753763.1690052949&_r=1&_slc=1&cd1=Negocios&cd2=Quizur&cd3=Quizur&cd4=1643838586.1690052949&cd66=1690052950211.8magdl7y&cd85=none&cd87=none&cd88=none&z=2081984111

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pt.quizur.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pt.quizur.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 83ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-L92XFPRQ85&gtm=45je37j0&_p=402134110&_gaz=1&cid=1643838586.1690052949&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690052950&sct=1&seg=0&dl=https%3A%2F%2Fpt.quizur.com%2F&dt=Quizur%20%7C%20Crie%20seu%20Quiz&en=page_view&_fv=1&_ss=1&_ee=1&ep.uol_property_id=330727555&up.cookie_consent=none&up.login_widget=deslogado
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L92XFPRQ85&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pt.quizur.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 88ms
30ms Ping
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-L92XFPRQ85&cid=1643838586.1690052949&gtm=45je37j0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L92XFPRQ85&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pt.quizur.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 45ms
45ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-L92XFPRQ85&cid=1643838586.1690052949&gtm=45je37j0&aip=1&z=850526610

Requested by

Host: pt.quizur.com
URL: https://pt.quizur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 XDR-GettyImages-1080277602-1.png
s0.2mdn.net/sadbundle/17992502975080493804/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/ Frame C709 48 KB
48 KB 22ms
22ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17992502975080493804/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/XDR-GettyImages-1080277602-1.png?

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17992502975080493804/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f145622eea3dfe35b98f5be2409b4e3c763bd2192442eed324a7f01e22e9a6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17992502975080493804/DE-DEU_XA-10_0_970x90_BAN-A_HTML5_BOFU-no-Security-XDRSubHubBanners-Security-ALL_0_105/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 05:19:23 GMT
x-content-type-options: nosniff
age: 308987
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49469
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 18:31:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 18 Jul 2024 05:19:23 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 69ms
34ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-97689914-178&cid=1643838586.1690052949&jid=1313986791&gjid=1199741452&_gid=134753763.1690052949&_u=6ChAAEAAAAAAACAUK~&z=109604383

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pt.quizur.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 22 Jul 2023 19:09:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pt.quizur.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
224 B 47ms
47ms Image
text/plain 52.222.169.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6036356&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1690052950299&ns_c=UTF-8&c3=&c4=&c5=&c6=&c15=&c7=https%3A%2F%2Fpt.quizur.com%2F&c8=Quizur%20%7C%20Crie%20seu%20Quiz&c9=
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.169.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-169-99.cdg52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:10 GMT
via: 1.1 a1e152cd91a0e624aecabbad581ffcb2.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: CDG52-P2
x-amz-cf-id: 2_Hmwj_xXHE4QrKoUqzrHMnc8sohV58Zh4NIAUCW1bYaQK2DY3Ox9g==
x-cache: Miss from cloudfront

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 49ms
48ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-97689914-178&cid=1643838586.1690052949&jid=1313986791&_u=6ChAAEAAAAAAACAUK~&z=1848564317

Requested by

Host: pt.quizur.com
URL: https://pt.quizur.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 48ms
47ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-97689914-178&cid=1643838586.1690052949&jid=1313986791&_u=6ChAAEAAAAAAACAUK~&z=1848564317

Requested by

Host: pt.quizur.com
URL: https://pt.quizur.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK partner Show response
tracker.bt.uol.com.br/ 0
546 B 1255ms
230ms Script
application/javascript 2804:49c:3101:401:ffff:ffff:ffff:52
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.bt.uol.com.br/partner?source=tagmanager
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3101:401:ffff:ffff:ffff:52 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Sat, 22 Jul 2023 19:09:11 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
Content-Type: application/javascript;charset=utf-8
Cache-Control: no-cache
Connection: close
Expires: Sat, 22 Jul 2023 19:09:10 GMT

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame B0C8 213 B
697 B 251ms
251ms Document
text/html 2600:9000:2117:7600:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2117:7600:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

Referer: https://pt.quizur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding: gzip
content-length: 182
content-type: text/html;charset=UTF-8
date: Sat, 22 Jul 2023 19:09:10 GMT
etag: 8b30191927f0982283d45c76292da712
expires: Sat, 22 Jul 2023 19:19:10 GMT
last-modified: Mon, 04 Jan 2021 18:03:21 GMT
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server: marrakesh 1.16.6
via: 1.1 14d7b62a2939d8cc7dc4d65d3de7b692.cloudfront.net (CloudFront)
x-amz-cf-id: IuSDlnzV3xVzcR29xyJ9hTY8iiM17UAjciuFee2gySdQGBSk4p89Aw==
x-amz-cf-pop: CDG50-C1
x-cache: RefreshHit from cloudfront

GET
H2 200 purge-clients.html Show response
tm.uol.com.br/ Frame B25C 213 B
698 B 247ms
247ms Document
text/html 2600:9000:2117:7600:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2117:7600:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

Referer: https://pt.quizur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding: gzip
content-length: 182
content-type: text/html;charset=UTF-8
date: Sat, 22 Jul 2023 19:09:10 GMT
etag: 8b30191927f0982283d45c76292da712
expires: Sat, 22 Jul 2023 19:19:10 GMT
last-modified: Mon, 04 Jan 2021 18:03:22 GMT
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server: marrakesh 1.16.6
via: 1.1 14d7b62a2939d8cc7dc4d65d3de7b692.cloudfront.net (CloudFront)
x-amz-cf-id: PJ_3v1HPz7ZXS1c904q2_fVTlMcekiW5V-XDiTkSgF630E_FOqQ9zg==
x-amz-cf-pop: CDG50-C1
x-cache: RefreshHit from cloudfront

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=CA88782D451A4EC0981DD872F0439753&RedC=c.clarity.ms&MXFR=18444834178A670505645B62138A6998
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CA88782D451A4EC0981DD872F0439753&MUID=3003C66F897768F2323DD53988DB69EB

42 B
466 B

49ms
49ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CA88782D451A4EC0981DD872F0439753&MUID=3003C66F897768F2323DD53988DB69EB
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:10 GMT
last-modified: Tue, 06 Jun 2023 17:31:23 GMT
server: Microsoft-IIS/10.0
etag: "dca6ffb69c98d91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CB28CB15D3DB4060ABB54875E47E4EDD Ref B: FRA31EDGE0709 Ref C: 2023-07-22T19:09:10Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=CA88782D451A4EC0981DD872F0439753&MUID=3003C66F897768F2323DD53988DB69EB
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 117ms
71ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076291

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68bce285cb176072ba102a06c261394e565f3b126d4b161a384400f8a37177e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11776
x-xss-protection: 0

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 59ms
21ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: pt.quizur.com
URL: https://pt.quizur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 17:24:41 GMT
content-encoding: gzip
age: 6269
x-guploader-uploadid: ADPycdtpK50mvcdkSCTdN_TmbjlgxCcz0Ow24zqLqX916ei_wk6xDGvG8ZXXsuGKlJYluVl1rr_jcYmIXr7C-WQgGSHxuQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6114
last-modified: Mon, 19 Sep 2022 18:20:35 GMT
server: UploadServer
etag: "1f6a2c178b385e908b632664e93aed26"
x-goog-hash: crc32c=vQZHMA==, md5=H2osF4s4XpCLYyZk6TrtJg==
x-goog-generation: 1663611635525811
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6114
accept-ranges: bytes
expires: Sun, 23 Jul 2023 17:24:41 GMT

POST
H2 204 rum Show response
pt.quizur.com/cdn-cgi/ 0
204 B 43ms
42ms XHR
text/plain 2606:4700:20::681a:2d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pt.quizur.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v2cb3a2ab87c5498db5ce7e6608cf55231689030342039

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2d8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://pt.quizur.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
content-type: application/json

Response headers

date: Sat, 22 Jul 2023 19:09:10 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://pt.quizur.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7eadf9fbfa6830d2-FRA

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
28ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=402134110&t=event&ni=0&_s=1&dl=https%3A%2F%2Fpt.quizur.com%2F&ul=en-us&de=UTF-8&dt=Quizur%20%7C%20Crie%20seu%20Quiz&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=25%25&el=https%3A%2F%2Fpt.quizur.com%2F&_u=6CjAAEABAAAAACAUK~&jid=1474985127&gjid=845150382&cid=1643838586.1690052949&tid=UA-97689914-178&_gid=134753763.1690052949&_r=1&gtm=45He37j0n81TKW2SVZ&z=2121270197

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pt.quizur.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pt.quizur.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKW2SVZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 22 Jul 2023 19:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 273
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 22 Jul 2023 21:04:37 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 30ms
29ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-97689914-178&cid=1643838586.1690052949&jid=1474985127&gjid=845150382&_gid=134753763.1690052949&_u=6CjAAEABAAAAACAUK~&z=733146268

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pt.quizur.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 22 Jul 2023 19:09:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pt.quizur.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 22ms
21ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 20:57:53 GMT
content-encoding: gzip
age: 79877
x-guploader-uploadid: ADPycdtnaP8Ku9YNPTRgIw02l7rQB9xLyDkDj487VAv048BIrfK_dzua7ovUCu7o6osP35AWj9fh-KQuYhr05ndCmaYs3A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8332
last-modified: Mon, 19 Sep 2022 18:20:35 GMT
server: UploadServer
etag: "e3068e8113c8f02d9b9a31f913c7a062"
x-goog-hash: crc32c=mUroJg==, md5=4waOgRPI8C2bmjH5E8egYg==
x-goog-generation: 1663611635449519
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8332
accept-ranges: bytes
expires: Sat, 22 Jul 2023 20:57:53 GMT

GET
H2 200 trk
tt-12765-5.seg.t.tailtarget.com/ 70 B
593 B 212ms
123ms Image
image/png 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-12765-5.seg.t.tailtarget.com/trk?tA=TT-12765-5&tJ=_channel:sdt-quizur:1&tK=1690052950&tM=direct&tL=direct&tN=direct&tY=3&tZ=14974446
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:10 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 49ms
49ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-97689914-178&cid=1643838586.1690052949&jid=1474985127&_u=6CjAAEABAAAAACAUK~&z=1274780580

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 47ms
46ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-97689914-178&cid=1643838586.1690052949&jid=1474985127&_u=6CjAAEABAAAAACAUK~&z=1274780580

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 u Show response
b.t.tailtarget.com/ 75 B
508 B 206ms
122ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?env=_ttq_tt_seedtag
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 8d0c0bdac7b3824e9ea2964d592ef3283ef44e9c0afcd02414a9f65244a9ac3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:10 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076291

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 19:09:10 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E5F8 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.quizur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1692
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 18:40:58 GMT
expires: Sun, 21 Jul 2024 18:40:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C0BD 783 B
535 B 33ms
32ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b68589c5f9a2db2a64612643536845b07d49a0643f4c6eded52ba2c86d65c349

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NqEbjbECuE66BMwStVJh-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pt.quizur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-NqEbjbECuE66BMwStVJh-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 22 Jul 2023 19:09:10 GMT
expires: Sat, 22 Jul 2023 19:09:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 vVBxlHWLSq1fuQw2L5BPyxsDoAp2pX6f0RpBSmAaURU.js Show response
pagead2.googlesyndication.com/bg/ Frame E5F8 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vVBxlHWLSq1fuQw2L5BPyxsDoAp2pX6f0RpBSmAaURU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd507194758b4aad5fb90c362f904fcb1b03a00a76a57e9fd11a414a601a5115

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 13:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14655
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Jul 2024 13:22:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C0BD 0
0 54ms
53ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307200101&jk=2655375327086908&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame B25C 43 KB
10 KB 32ms
32ms Script
application/javascript 2600:9000:244f:6e00:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:244f:6e00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 8edf79f31f38afd348cd93ad56ae7df804394b8a403191af474496823161bdc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:21:15 GMT
content-encoding: gzip
via: 1.1 6bbb2da0f4f203dadcd8f0ae1073d674.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P4
age: 2875
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 9152
last-modified: Thu, 17 Mar 2022 17:50:21 GMT
server: marrakesh 1.16.6
etag: 827b2a3854d3757c0264519acafab901
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: O2tnpCFvhE5gthLZHb42qjVMPiW61OOJgHsrifLh6PcrgokNHqfVoQ==
expires: Sat, 22 Jul 2023 19:21:15 GMT

GET
H2 200 client-purge.js Show response
tm.jsuol.com.br/modules/ Frame B0C8 43 KB
10 KB 32ms
32ms Script
application/javascript 2600:9000:244f:6e00:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/client-purge.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:244f:6e00:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 8edf79f31f38afd348cd93ad56ae7df804394b8a403191af474496823161bdc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 18:21:15 GMT
content-encoding: gzip
via: 1.1 6bbb2da0f4f203dadcd8f0ae1073d674.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P4
age: 2875
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 9152
last-modified: Thu, 17 Mar 2022 17:50:21 GMT
server: marrakesh 1.16.6
etag: 827b2a3854d3757c0264519acafab901
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: pQD3Gjm_4FwOZpTcD5h3Ka1I7vb-1Z6PWXhIb5tIXdThkBqq-kYAmw==
expires: Sat, 22 Jul 2023 19:21:15 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E5F8 0
10 B 21ms
20ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OHEzyQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 b Show response
b.t.tailtarget.com/ 134 B
551 B 125ms
125ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-12765-5&tY=1&tS=4&tU=0100007F5629BC64C1062C160263BC04&tX=b.52&tZ=610518022&env=_ttq_tt_seedtag
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 85d43f29c59d85e2ce190984c323e396906de25435778af7a8c36a5415ee9866

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:10 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 ca Show response
tt-12765-5.seg.t.tailtarget.com/ 82 B
120 B 124ms
124ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-12765-5.seg.t.tailtarget.com/ca?tZ=385588283&env=_ttq_tt_seedtag
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: fd3cee7ddf690a0fc874c58c0c3f5ddb058ceded8eb6a19bc470273af9e96d76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:11 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 693B 42 B
64 B 64ms
64ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqIHZqaqL3yd_9pEv3cCMwPwc73_X7ozxqjv7zXVjhGJMpGp2hp6ivLC6mcYxhid3OHLyU6JwznpCVqNtgWEKZ7z_t0GKyjAiZjbd5W9rYNIj94T3b0d-y23SfG7w_cfhxaYZFb9ZtbGlg&sai=AMfl-YSA96eVT2p59o2V74TR-lmMmL4lpbjUPLfwHHSpZq9aBPpdHJb1EsIHn7slKO1rodY2n9Wwxx284bBy7HFvlI_oQYTYLxgFiPs5qWP4fwk68DHc7rPtahpRsmo&sig=Cg0ArKJSzHw9BkTYwgCiEAE&cid=CAQSOwBpAlJWklNgiJUZyL9-QAVWhfLZutIGNc77Bgjlb99mlWCEi9efxyCEjaXDso93lKD1YH8NB8o1_GO9GAE&id=lidar2&mcvt=1002&p=1109,315,1199,1285&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1543694557&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690052949169&rpt=785&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
289 B 148ms
125ms Image
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-12765-5&tE=0&tF=&tI=___de_1690052950782_1410576293&tJ=&tQ=sdt-quizur&tU=0100007F5629BC64C1062C160263BC04&tX=b.52&tY=1&tZ=492661651
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:09:11 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
58ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307200101&jk=2655375327086908&bg=!HR6lHkrNAAZsPphkTD47ADkAdvg8WmgWmR6ezNQyt3Vj6McAwyvAXPZr177GL82knn5QJBPCFyFRWqFk_upXlyu78wxXKB_L1UcCAAAAVFIAAAAFaAEHCgAOEYZ-0CpkxakKUzTQWUeZAubthKCWcAjgDr9PtOof53GmFlLlOClYslVPbW96hOtHLYBsT9jvw83AtovzaayQwB0qhg8Zx_rJ1i_7EBJT5lpVfY-0jHdlpoW9TIRAFX4wWQBoCEjdfJq8aUYT4-i8xXUOmQWJIX_LXydpBksrLcj4NwbjiiXEbL0SsRFLUdY0YiyDORi9He9AnPYQykCuYSNCx9UBewxbwsboB3WBJ8eRTZTi8vr3duzg7tpQGAtfbs6oKUnq9nj1mjUEADQA3SJdjD2Z_M8VnPBjNRnNS51QymorQ3p3l1t_wb0teEEecWEmGsIOQ97-mRee5VutkW0yDK-2yeKzppNxhcdkF5AIhi8emNvO-7RG59xlrBjCMp-6GWwZAZLDTsAX4g8XCjz-w9l7Qeo7-i7eSPdpsE2s1_A5Uu049-uL-wHH5Pr2X2yREEUkGEQDqM297hMi0fVsMDQIZUOD8xmZvIS7kc9mCElD9Dtil7hyajoGCgS99zYAlnWUA-hGY9mpXEfyb60hTayPK01uQaQG5OQAI8BmsiZxTjWrzr6DGXpq0G8SPdRjPvKY7C7XIqXzcqy0J7VRA5pbxlapc3xM_ycQF4FGJDFFKR5kSBAZY3lKnjUHutCqBNwQ8mU1UnSdshI5YfuTHgBv1hJoCjY_IViwSBVZrKLKOAENFg6PUircr4KK1RBx2ana4AZKldvQyDNbdmTw4ZhLxmIyG9Ve-l5AJy7W5Dap6-xJpGGb8EI14dyKDcQMORXFCxyu9h2j3DnowQCrifEFmcdaF_tEy28hfxXDRLRwTtsyMtlo6L1RSdL0L2TSy6eaFDsM1gnZs5Ayu82wRIYFjKi7E4YB1zxfryQ9RYU6w6mT6yAWNiwxnrxGR2gHqRv7SHM22NwWb4tupPPtz1mXRnAw6j-Mzt2kPAlr7J1LnSX4Fyv7hfVYuDGb2nTkGrilTad8fcCpLK4_xDzhrwxk0dEJrXZb7K1beBEipqwfhUAf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pt.quizur.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 693B 0
20 B 54ms
53ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3883838268369&version=m202306200101&ct=76&x=1&cor=14026715434739253000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 ev Show response
s.seedtag.com/e/ 0
14 B 83ms
39ms XHR
text/plain 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/e/ev
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.236e5bfa3ae0006ebe29.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pt.quizur.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 22 Jul 2023 19:09:11 GMT
via: 1.1 google
server: openresty
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin: https://pt.quizur.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 693B 43 B
215 B 177ms
177ms Image
image/gif 2600:1f13:800:7781:b8a7:774b:340b:2fe2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=49a9fd6a-fc06-18d1-f80d-db4e68deabde&tv=%7Bc:j7Nu8n,pingTime:1,time:2498,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:18%7D,%7Bpiv:100,vs:i,r:,t:1498%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1000,o:1498,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1492~0,0~100%5D,as:%5B1492~970.90%5D%7D%7D,%7Bsl:i,t:1498,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~970.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:179,fm:tKLDWtv+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1135760-65089104%7C191%7C1a%7C1b%7C1c%7C1d%7C1e,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:19,sis:354%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b8a7:774b:340b:2fe2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:12 GMT
server: nginx
x-server-name: dt23.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 693B 43 B
215 B 177ms
177ms Image
image/gif 2600:1f13:800:7781:b8a7:774b:340b:2fe2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=49a9fd6a-fc06-18d1-f80d-db4e68deabde&tv=%7Bc:j7Nu8o,pingTime:1,time:2499,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:18%7D,%7Bpiv:100,vs:i,r:,t:1498%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1498,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1492~0,0~100%5D,as:%5B1492~970.90%5D%7D%7D,%7Bsl:i,t:1498,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:179,fm:tKLDWtv+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1135760-65089104%7C191%7C1a%7C1b%7C1c%7C1d%7C1e,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:19,sis:354%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b8a7:774b:340b:2fe2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:12 GMT
server: nginx
x-server-name: dt24.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H/1.1 204
No Content collect Show response
r.clarity.ms/ 0
293 B 126ms
125ms XHR
text/plain 20.119.174.243
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.119.174.243 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pt.quizur.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pt.quizur.com
Date: Sat, 22 Jul 2023 19:09:13 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H3 204 ev Show response
s.seedtag.com/e/ 0
14 B 34ms
33ms XHR
text/plain 34.149.50.64
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.seedtag.com/e/ev
Requested by: Host: t.seedtag.com
URL: https://t.seedtag.com/c/st_0.236e5bfa3ae0006ebe29.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 64.50.149.34.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pt.quizur.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 22 Jul 2023 19:09:15 GMT
via: 1.1 google
server: openresty
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD
access-control-allow-origin: https://pt.quizur.com
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 693B 43 B
215 B 178ms
178ms Image
image/gif 2600:1f13:800:7781:b8a7:774b:340b:2fe2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=49a9fd6a-fc06-18d1-f80d-db4e68deabde&tv=%7Bc:j7NvaT,pingTime:5,time:6498,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:18%7D,%7Bpiv:100,vs:i,r:,t:1498%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5000,o:1498,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1492~0,0~100%5D,as:%5B1492~970.90%5D%7D%7D,%7Bsl:i,t:1498,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~970.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:178,fm:tKLDWtv+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1135760-65089104%7C191%7C1a%7C1b%7C1c%7C1d%7C1e,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:19,sis:354%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b8a7:774b:340b:2fe2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:16 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 693B 43 B
215 B 178ms
178ms Image
image/gif 2600:1f13:800:7781:b8a7:774b:340b:2fe2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1135760&asId=49a9fd6a-fc06-18d1-f80d-db4e68deabde&tv=%7Bc:j7NvaU,pingTime:5,time:6499,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:90,t:18%7D,%7Bpiv:100,vs:i,r:,t:1498%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:1498,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:18,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1492~0,0~100%5D,as:%5B1492~970.90%5D%7D%7D,%7Bsl:i,t:1498,wc:0.0.1600.1200,ac:NaN.NaN.970.90,am:i,cc:NaN.NaN.970.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~970.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:178,fm:tKLDWtv+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1135760-65089104%7C191%7C1a%7C1b%7C1c%7C1d%7C1e,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:19,sis:354%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:b8a7:774b:340b:2fe2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Jul 2023 19:09:16 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

53 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.quizur.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 06b3dhe5a6norv6eadk5bjomv3
pt.quizur.com/	1970-01-20 13:28:59	Name: AWSELB Value: 294993600638C8AE48889BF186291BCDB4C1679918987F04D87DE9BE4CED755E89FEF4A964B551120E34AF7933E9145918FB7274514C9EC72F8A34C16395FC0162DA98AC
www.clarity.ms/	1970-01-20 22:13:08	Name: CLID Value: 7710bdd0cace41ecbf9fabf4a22a9035.20230722.20240721
.tiktok.com/	1970-01-20 22:49:08	Name: _ttp Value: 2SwLy9DNbWBZ1d9PCIyGhD5ze9c
.quizur.com/	1970-01-20 22:13:08	Name: _clck Value: 66k7bj\|2\|fdi\|0\|1298
.quizur.com/	1970-01-20 22:49:08	Name: _tt_enable_cookie Value: 1
.quizur.com/	1970-01-20 22:49:08	Name: _ttp Value: geZKvMI-M6_1Ce0dhL1nlK5Ew6H
.quizur.com/	1970-01-20 15:37:08	Name: _fbp Value: fb.1.1690052948987.1555168315
.doubleclick.net/	1970-01-20 22:49:08	Name: IDE Value: AHWqTUlKQsMjchybZmS1mFSBi2zETtshoNCO8S2e5Sno2-NXkV8xtpOV2OAkWFeSkkU
.quizur.com/	1970-01-20 22:49:08	Name: __gads Value: ID=980a6fae6ac56a66:T=1690052948:RT=1690052948:S=ALNI_MaR5YT60aRzVgZ8xvArS0e20J6toQ
.quizur.com/	1970-01-20 22:49:08	Name: __gpi Value: UID=00000c42904fbb18:T=1690052948:RT=1690052948:S=ALNI_Maqy1cahMhjArGJJ6iwqmnVuAYrtg
.quizur.com/	1970-01-20 13:28:59	Name: _clsk Value: 1bjt2k\|1690052949270\|1\|0\|r.clarity.ms/collect
.quizur.com/	1970-01-20 13:28:59	Name: _gid Value: GA1.2.134753763.1690052949
.adnxs.com/	1970-01-20 15:37:08	Name: uuid2 Value: 6252931869327099380
.adnxs.com/	1970-01-20 15:37:08	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU#q/4y7!]tbPl1M>e)ZlrFUfJ+tGXxoDIgWD8F4C=tA'=tE>?41SVFT-Q<:^:.0x63If)y3KL9D3I?+TI^k/f
.doubleclick.net/	1970-01-20 17:46:44	Name: APC Value: Aa3gxNr3IPeYsGq5HnG0gCP-7KiK4QrG_dqzc5hBGzJK10LesKFfVw
.casalemedia.com/	1970-01-20 22:13:08	Name: CMID Value: ZLwpVTvthcwJXB2pSXAVpAAA
.casalemedia.com/	1970-01-20 15:37:08	Name: CMPS Value: 5228
.casalemedia.com/	1970-01-20 15:37:08	Name: CMPRO Value: 5228
.lijit.com/	1970-01-20 22:13:08	Name: ljt_reader Value: HBk9rGZH_07stn8uSIuzxcws
.quantserve.com/	1970-01-20 22:57:47	Name: mc Value: 64bc2956-1cec2-4217d-cdac7
.quizur.com/	1970-01-20 22:52:01	Name: __qca Value: P0-984462428-1690052949992
.pubmatic.com/	1970-01-20 13:28:59	Name: KTPCACOOKIE Value: YES
.1rx.io/	1970-01-20 22:13:08	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-2e585669-fd4f-476d-8d0b-ed80ea49093d-003%22%7D
.yahoo.com/	1970-01-20 22:13:30	Name: A3 Value: d=AQABBFYpvGQCEKX81m_Dp4iPa9vskZX6MusFEgEBAQF6vWTGZAAAAAAA_eMAAA&S=AQAAArcHbu0bix-q28lYenzprjU
.pubmatic.com/	1970-01-20 22:13:08	Name: KADUSERCOOKIE Value: 34B4FBB2-8FE5-4E20-BFC2-6C7E04BC8CD7
.quizur.com/	1970-01-20 13:27:33	Name: _gat_uolMain Value: 1
.quizur.com/	1970-01-20 23:03:32	Name: _ga_L92XFPRQ85 Value: GS1.1.1690052950.1.0.1690052950.60.0.0
.targeting.unrulymedia.com/	1970-01-20 22:13:08	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-2e585669-fd4f-476d-8d0b-ed80ea49093d-003%22%7D
.quizur.com/	1970-01-20 23:03:32	Name: _ga Value: GA1.2.1643838586.1690052949
.quizur.com/	1970-01-20 13:27:33	Name: _gat_UA-97689914-178 Value: 1
pt.quizur.com/	1970-01-20 13:27:34	Name: tt_c_vmt Value: 1690052950
pt.quizur.com/	1970-01-20 13:27:34	Name: tt_c_c Value: direct
pt.quizur.com/	1970-01-20 13:27:34	Name: tt_c_s Value: direct
pt.quizur.com/	1970-01-20 13:27:34	Name: tt_c_m Value: direct
pt.quizur.com/	1970-01-20 23:03:32	Name: _ttuu.s Value: 1690052950479
.tt-12765-5.seg.t.tailtarget.com/	1970-01-20 14:10:44	Name: trk Value: 4n7iarGIYEU1pRStQiq1DA==
.t.tailtarget.com/	1970-01-20 13:30:25	Name: _ssc Value: y
.bing.com/	1970-01-20 22:49:08	Name: MUID Value: 3003C66F897768F2323DD53988DB69EB
.c.bing.com/	1970-01-20 13:37:37	Name: MR Value: 0
.c.bing.com/	1970-01-20 22:49:08	Name: SRM_B Value: 3003C66F897768F2323DD53988DB69EB
.t.tailtarget.com/	1970-01-20 22:13:08	Name: u Value: fwAAAWS8KVYWLAbBBLxjAgB=
pt.quizur.com/	1970-01-20 22:13:08	Name: tt.u Value: 0100007F5629BC64C1062C160263BC04
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 22:49:08	Name: MUID Value: 3003C66F897768F2323DD53988DB69EB
.c.clarity.ms/	1970-01-20 13:37:37	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 13:27:33	Name: ANONCHK Value: 0
.t.tailtarget.com/	1970-01-20 14:10:44	Name: ttbprf Value: ___de_1690052950782_1410576293
.t.tailtarget.com/	1970-01-20 13:27:34	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 14:10:44	Name: ttnprf Value:
pt.quizur.com/	1970-01-20 13:28:59	Name: tt.nprf Value:
.tt-12765-5.seg.t.tailtarget.com/	1970-01-20 13:27:36	Name: ttca Value: _1690052951
.t.tailtarget.com/	1970-01-20 14:10:44	Name: n Value: 1690052951

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://a.teads.tv/media/format/v3/teads-format.min.js Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
a9889c1e556784eb4e11916d6d0f33eb.safeframe.googlesyndication.com
analytics.tiktok.com
ap.lijit.com
b.t.tailtarget.com
bid.g.doubleclick.net
c.bing.com
c.clarity.ms
call.cleverwebserver.com
cm.g.doubleclick.net
cnt.trvdp.com
connect.facebook.net
d.tailtarget.com
dclk-match.dotomi.com
dis.criteo.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
img.quizur.com
me.jsuol.com.br
pagead2.googlesyndication.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
pt.quizur.com
r.clarity.ms
region1.analytics.google.com
rules.quantcount.com
s.ad.smaato.net
s.seedtag.com
s0.2mdn.net
sb.scorecardresearch.com
scripts.cleverwebserver.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.1rx.io
sync.targeting.unrulymedia.com
sync.teads.tv
t.seedtag.com
t.tailtarget.com
t.teads.tv
tags.t.tailtarget.com
tm.jsuol.com.br
tm.uol.com.br
tpc.googlesyndication.com
tracker.bt.uol.com.br
tt-12765-5.seg.t.tailtarget.com
ui.cleverwebserver.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
104.18.131.145
108.177.15.156
142.250.184.226
142.250.185.194
178.250.1.9
185.80.39.216
198.47.127.19
20.119.174.243
2001:4860:4802:34::36
216.52.2.16
23.212.89.35
23.218.209.56
23.38.98.27
2600:1f13:800:7781:b8a7:774b:340b:2fe2
2600:9000:2057:5600:1b:5138:8a40:93a1
2600:9000:2117:7600:6:5b96:3f00:93a1
2600:9000:223c:4800:6:44e3:f8c0:93a1
2600:9000:223d:3e00:1:aa11:940:93a1
2600:9000:223f:a400:8:48e:53c0:93a1
2600:9000:244f:6e00:6:9eb2:5cc0:93a1
2606:4700:20::681a:2d8
2606:4700::6810:3965
2606:4700::6812:18f6
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:46::45
2620:1ec:c11::200
2804:49c:3101:401:ffff:ffff:ffff:52
2a00:1450:4001:800::2004
2a00:1450:4001:801::2001
2a00:1450:4001:802::2001
2a00:1450:4001:80b::2006
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c09::9a
2a02:fa8:8806:16::1400
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a05:d018:d29:3602:9f1d:de60:1b9f:c4d1
34.102.185.99
34.149.50.64
34.254.206.221
35.201.123.184
37.252.171.52
46.228.174.117
52.222.169.99
68.219.88.97
99.86.91.28
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
05eb14e830a062a5054bf6332d39458064d4e1d0ef5644b789f7070457f64f2f
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
09be6bd62d36f7e8d3134da373613b6bf7ec4852d8bff6bc0d261e4c546086d9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dae089b1d5c18927b85e033f47cc2b3424ff1f34de34d4a424df0beb81115d1
10e4293d18242bc7e51b1bf869705da8ff6a7452215cf49120ad8c0251203e6c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15bc1f3ab8a136d1074f164aec63c58b1c15404b56e80b079dd80dafb334d7e1
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
179478ab339535b2db2a31bae3daf8338d116c4fa501738875a3d405cf52147d
19f98edad3fa892172e991f5acad33558c5ba977c7eb9f14870e9c1f81b7836d
1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1
1ab5d91abeb5c5417de80b6017495068086b5fddb6140094286d865b5c6a4b29
1d7fbc72cd886f30f16e23e2c81aa86136c3408c6418c025a322892a67ffcaee
1e4d49f745bf165abe5af2d5a953d941f4c7da394316284aaf84fc63ec3ccf85
20990bf56f4db13b8cb039b94a70f60304d3622a92dc8f91cc887855fc0371f4
24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956
26a9c5bebccbea62122a4fe0d328b7fe3d5a7f6b77a655981cf743c923ccd12b
282b35dabd5da2a4a49bad59109de41a83e77101bb4fe05134da6c399e8b54b8
2a90814066989c1db101e6fa4443d65f00847703b2112ab177efcd1a73b5e161
2b96141330555c0bdb76b20069c61146556d8d6d411ba9ed0ac70bf1b0e6db7b
2bbb7eac4e7d5cc4b30cac1a89b495c4c1fd27200088a79d4d11e02565b6fae5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
37ad101c490fae96d00dc387153203db797f14cd794de6d6d8bd10f152b6a80b
3d14af6714f8e174042d16f9ee9938f7986b826935f217c43cd3570945f8a8a5
3f145622eea3dfe35b98f5be2409b4e3c763bd2192442eed324a7f01e22e9a6f
3f18069b9af8471d416c4692e969fe6bb69c3c40010d8fc17e40577730d2e042
40e4951dffea740356de1c800b47ff35a1fac0756b592a4ff5ea9a316b0119b9
45ed23ebfce9d384631a10d1c6085c8ff6a0ae8bad56c55d7e300c4561f3f66a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
4cf6b0041792515d9036fad75e278ddc885672587d77908729cc9b5d66ca3dcf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5facf3ca997fd8a7658579d40b8bc44a659e12df5b45b2f1f1713f987b86366c
615c6f51bbfbd190e204affdcbe01b3e992523f1b4629b59a212368e8fd15ce8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
677edf2e1ba51a94de9a458a904ae3f66efb18ca1812f4d740cf4410c275fe80
68bce285cb176072ba102a06c261394e565f3b126d4b161a384400f8a37177e5
6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349
6c65ac9511828290f9b76debc525de86b57415c1ce204e7ce53e493d54502a72
6ced2f53d5282eeaeaec9c8670f424e5e894a13a51cf65bdb2cce44dfc17ff6a
6e7e124d9fc9ed632f12a8a18dc7ed5a59e247c02a0bb086a904303af39e565f
708b8908f8f220a38470eb3cc2bdb82a0dca2d0e9c95ee11e221fb27e5330e9d
72027accaba5d89b36e87c380ccafb5f09422215e9d3f84fa83009abfeb8f67f
72f1c0c518a1f255e344a35e8487276ddbf742f4f2bac6d42fc96160a624787f
78fba82bc698e0644e1f796af93e78a270e0a58768d0d2c17970529122deb851
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
7d03c6840e4b03d791b6417fac83d8dc7569f4591c4d6d3b418c53facfaaed34
8485a9dd6629cd67e0687d9192d7d02dfe742aa1f643160b926783efa1675d5c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
85d43f29c59d85e2ce190984c323e396906de25435778af7a8c36a5415ee9866
8d0c0bdac7b3824e9ea2964d592ef3283ef44e9c0afcd02414a9f65244a9ac3f
8edf79f31f38afd348cd93ad56ae7df804394b8a403191af474496823161bdc8
8efc99f47add42a00d90e8346ecaef977cf00501c5054e5a6dece7d1b94e112a
9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690
96ee7751d1e8c747bcfb910f40e8df985fe79bf90a17d1da543ea79fb507a521
96f48de66fe580447ff42a36f93b6e03e472b77f19657934db1bcff91f94afe2
97bb35db9f4c936f90d08979bca2b96efdc4c1f65a758c1bde577e53c70dba26
9835347920b604b157902d2e3c2c6f8692a4ad0104d8727f8d39f0e62e5542a0
98ee89abc183c398b66b0c52fe780551b89ad2189a6adca3b8aafc85b7643441
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c486e4ea33905b91e62504017857f89f8817090b344e42f184bb69a1702b4f1
9d0575eb6cb9554ea72d75bd3342cb1c21436fb8efff4cb20f9dd7cdbcba4bfb
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a039b5bdd0a92cdddcb17bc53b2cbc102a88344cb385603a9fa73f98fc6f175d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a6dfb74c50c734f965e1f1028d6ccfe365b41b3433745c97e23c5c3266774b34
a97b62b324a6482dcf5b0e24b2bbfeb7d435bde8b27d6136e429f7978b4370f6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad022966ece2f91d01fc0145eb2df15608977fa00734244efbf33f15f960d022
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af780e357234ceb6feec085a9a31f46834c88c4d3852d79050ad9dc3658a3a67
b103f27466b6373dcb6e98da53dafb411f0beedc29257ff6c5848d519c3d8ee4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b193e3573fed36718b19384adb92f93e1d0e9ac5bba53766b04fc7eb98bee9ce
b2a73f989b17f07f410278f9199fe9ad73a61b0e5d20eff50b788a5672410c02
b68589c5f9a2db2a64612643536845b07d49a0643f4c6eded52ba2c86d65c349
bd507194758b4aad5fb90c362f904fcb1b03a00a76a57e9fd11a414a601a5115
c1d78f7d5ae545b164ac05ef74b4fb9e114682ce5fbd49d2b7631ee49cba3f34
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4d6a95e8dd6252c30717fa715d5007ea4c15aa078b6eea84fd74eb8ea5f3310
d5247f5a02c33b4370701e6116c47744fd5299268efb16a865a02216471ecff1
d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59
da802d350b5a2fd59604af80d9d082ad0d0b4177fd6cc2846481272bee60a442
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3a2174eef9a70c7ab27e82ebeba52939d60cd074baab2269b942cf5dd14ee2c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4862e83df8784a22b232e719b515765af6c42c4aa5c75a3c33f050a63fa8e6e
e80a953c5b486354fc64652bd8a7a7a5158496308e60b9eee3e42e094f0d80e2
ee1b1378004a61106aae6c322cbf30758060ac6b98d44de007c727262fba5f5c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2298ef750e255774e128e89785ea60aeb46e21e573c9c0a1d5057df155dd0b4
f261ecd621a60e02791bb474b37265c84c640439452fe2bd2f1bb0ca5c09b6fa
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f40379b3fbf441df742f2187d0b63ad4b5ab3582c0467e2c54b101494ccacd34
f4ae5a40833ca40f1ded2c820915ccc073b509a5a15810de1566ebf1ee4838e4
fa1587d845d642921dab9754e8e358e64a182975a26dd796509cca0797f1429f
fd3cee7ddf690a0fc874c58c0c3f5ddb058ceded8eb6a19bc470273af9e96d76
fe85bffa5c8b49bf241c76e13c47e65d3968d0b3472d2ea0b3a80e9bca144c4b

pt.quizur.com Open in urlscan Pro 2606:4700:20::681a:2d8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

173 Requests

93 %HTTPS

58 %IPv6

36 Domains

61 Subdomains

45 IPs

10 Countries

3407 kBTransfer

7675 kBSize

53 Cookies

1 Outgoing links

Redirected requests

173 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pt.quizur.com Open in urlscan Pro
2606:4700:20::681a:2d8 Public Scan

Screenshot
Live screenshot

Full Image

173
Requests

93 %
HTTPS

58 %
IPv6

36
Domains

61
Subdomains

45
IPs

10
Countries

3407 kB
Transfer

7675 kB
Size

53
Cookies

173 HTTP transactions
8 data transactions